- Go to https://zerossl.com/
- Click on online tools.
- Click on start, under “FREE SSL Certificate Wizard”.
- On the right-hand side, you have a field called “Domains”, add your domains to this. Include mydomain.com and www.mydomain.com. (Don’t include HTTP:// or https://).
- Accept the zerossl TOS & let’s encrypt SA by adding check marks.
- Hit the next button in the top right corner.
- Zerossl will generate the CSR (Certificate Signing Request). Loading might take some time.
- Once it’s done, click on the download button, to have a backup and click “Next” again.
- It’s going to start generating Account Key (Again might take a few minutes).
- Once done, download the Account Key and click on “Next” button.
- The new page will appear. This is how Letsencrypt will know that you own the domain.
- Download the two txt files.
- Head to your cPanel and click on “File manager” and go to your root folder.
- On root, create new folder .well-known and inside it create an acme-challenge folder. So your path should look like:
Please note: You can just delete the .txt files you put in the /.well-known/acme-challenge once you are done, but keep the folders. You will need them in 90 days again.If the file .well-known does not show after making it. Just do the following, when opening the File Manager select to show all hidden files & folders that start with “.” (dot) as well! Or just type “public_html/.well-known/acme-challenge” into the left menu and click “Go”. If you are having issues with finding root directory.
Jobb added a comment with a better explanation:The first time you use File Manager in GoDaddy, it defaults to the “home” directory, which I found out is NOT the same as the “root” directory. Installing .well-known/acme-challenge in the home directory does not work.In the screenshot above, it shows domainname.com/.well-known/acme-challenge as the path, but again that’s misleading for shared domains. There is an /etc/domainname.com folder, but if you put .well-known/acme-challenge underneath that folder, it also does not work.
With a little digging, I discovered that GoDaddy considers the /public_html folder the “root” folder, so you want to create the subfolders in there so it looks like /public_html/.well-known/acme-challenge. THAT path finally worked.
- Upload the two .txt files (from point 12) inside the acme-challenge folder. Great tip from Rubab in the comments:
As we downloaded two text files in step 7 & 8 , and the files that I downloaded on Step 12 weren’t really ‘text’ files but were simple files with no extension. So, when Step 15 asked to put 2 text files into .well-known/acme-challenge, I put the previous files there; that is why it was not validating the keys.
- Go back to zerossl, and click on the link
- If it returns you a page with numbers & characters, you are good to go. If not then check that the URL path contains mydomain.com/.well-known/acme-challenge and that the sting of numbers & words are the same as on zerossl.
- Click on “next”.
- Voila! Your Certificate is ready now, scroll down and download the CRT & Private key.