Let’s Encrypt SSL is the World’s first SSL authority that has brought free, automated, and open SSL Certificate for all and is sponsored by giant IT companies as Mozilla, Google, CISCO, Facebook and HP etc. Let’s Encrypt let you generate an SSL Certificate for a period of 3 months and after 3 months you can renew it again and that’s all for free.
You can generate it for FQDN which include parent domain (example.com and www.example.com) and sub-domains (sub-domain.example.com and www.sub-domain.example.com) etc.
Generating Let’s Encrypt SSL for newbies could be a complicated task and most of them may not able to generate the certificates due to the complex process and command-line user-interface. In this article we will see that how you can generate the Let’s Encrypt SSL Certificates without using Python or very less command-lines commands.
This article was written when generating Let’s Encrypt SSL was not available online, but now there are plenty of sites that are offering services to generate Let’s Encrypt SSL Certificate online. Example: sslforfree.com
So, let’s begin with it.
Things you will need to generate SSL without Python
- An Email account
- SSH Access (Recommend: Use of putty)
- Basic Knowledge of SSL and SSH
- Ability to generate CSR certificate/ code
- FTP or cPanel access
- Notepad or Notepad++
Steps to generate SSL Certificates
1. Download “Get HTTPs For Free” Script
This tutorial on generating free and easily Let’s Encrypt SSL Certificate is based on the “Get HTTPS For Free” script written in JavaScript and HTML based static page. Simply download the script from https://github.com/diafygi/gethttpsforfree and extract it on your desktop on your PC (Note: No need to upload onto your server/website).
THE SCREENSHOT OF GET HTTPS FREE INDEX.HTML
2. Generating CSR Certificate – Code
Certificate Signing Request (CSR) is a digital certificate which is used to generate an SSL Certificate for a FQDN. The CSR Certificate contains the information about your domain name and other vital details used to generate the CSR certificate. You can generate the using two ways:
- SSH Command-line
- cPanel
The easiest way to generate CSR is through cPanel, but unfortunately many hosting providers don’t offer cPanel especial the low cost VPS and dedicated servers, therefore the only way to generate CSR code is through SSH command-line.
The steps to generate CSR Certificate using SSH Command-line are as follows:
- Login into your server using SSH
- Type the following commands
openssl req -new -newkey rsa:2048 -nodes -keyout example.key -out example.csr
Note: Replace example with your domain name. For instance if your website is isrgrajan.com replace example with isrgrajan (no need to add .domain extension)
- On passing the above command it will request you to provide details like :
- Common name: your-website.com or your-subdomain.website.com
- Organization: Put the name of your Organization
- Organization Unit: Branch or the unit of your organization
- City or Locality: Add the name of your City
- State or Province: Add the name of your State
- Country: Only in two letters in International Organization for Standardization (ISO) format (See here: The list of country codes)
After this your CSR certificate will be generated. Now you can open it using any text-editor or SSH vi command to see and copy the certificate.
Now, generating CSR Certificate using cPanel
To generate CSR using cPanel follow below instructions:
- Login into your cPanel account
- Under Security section click on SSL/TLS option
- Followed by “Generate, view, or delete SSL certificate signing requests.” option below the “Certificate Signing Requests (CSR)” heading.
- Fill out the form and click on “Generate” button.
So, finally you have the CSR certificate and now you can procedure further.
Once you are ready with your CSR Certificate open the index.html located in the “Get HTTPS FOR FREE” script and follow the instructions.
Hope! This will help you all. Thanks for reading
AdChoices Opt-out