If you want to enable https for your websites without having to buy ssl certificates from your web hosting company or a Certificate Authority (CA), you can get free ssl certificate for your site at sslforfree.com.
The site makes it so easy to generate free letsencrypt ssl certificates without shell/ssh access and it works with any web hosting company in as much as you have access to the the SSL/TLS Manager via cPanel where you can install the ssl certificate for your site.
So, if your web hosting company doesn’t support letsencrypt installation via cpanel (eg Namecheap), you should give sslforfree.com a try. I’ve successfully enabled https on my sites hosted on Namecheap by making use of letsencrypt certificates I generated from sslforfree.com 😉
How To Use SSLForFree.com To Generate Free SSL Certificates
You simply go to sslforfree.com, enter the domain name of your site, with www (i.e www.example.com) and click on “Create Free SSL Certificate” button. SSL For Free will also add the non-www version to the certificate (i.e example.com).
Thereafter, you will be required to verify ownership of the domain to which you want to add the certificate. You can select ftp verification, manual verification or dns manual verification. Steps needed for each option is well explained on the site.
If sslforfree.com successfully verifies that you own the domain name, your ssl certificate will be generated for you once you click on the “download ssl certificate” button. You can leave “I Have My Own CSR” unticked.
The downloaded zip file will contain all the files needed to enable https on your site. You can provide it to your hosting company if they can install for you.
If you want to install the certificate by yourself, extract the zip file, sign in to your website cPanel, navigate to “SSL/TLS Manager” in the security section, click on ‘Manage SSL Sites’ under “Install and Manage SSL for your website (HTTPS)”, then copy and paste the certificate, private key and CA in their respective fields and install.
If installed successfully, your site will become accessible via https.
Thereafter, you can proceed to redirect all requests to https, change your site property and view settings url to https in google analytics and submit https versions of your site at google webmasters. If there are mixed content errors, you should fix them too.
You can test for errors by making use of WhyNoPadlock.
- Sign up for renewal update at sslforfree.com, if prompted. With an account at sslforfree.com, you can sign in anytime to see your certificates, expiry date etc
- SSL certificates issued at sslforfree.com have a 90-day expiration. Ensure you renew the certificate before it expires. You can buy ssl certificates from Namecheap if you want ssl certificates with longer expiration.
What’s your thought on this?