Delta Digit now serves all its content on HTTPS. This means we use an SSL certificate and all user information is safe. HTTPS is now essential for every website. Google also recommends it to the webmasters. We installed the Lets Encrypt certificate in 2017, and now we have updated this article to give more information on installation. This article is based on our experience with Namecheap’s value shared hosting package. We were told that we couldn’t install Lets’ Encrypt on Namecheap shared hosting or other packages, but we did, and here is our tutorial. You can use this to install a certificate in other hosting packages from other companies also.
Lets Encrypt project started a few years ago in 2014. Many companies joined this initiative to make a secure web. Now it is very necessary to have an SSL certificate to get https. Slowly Google started recommending site owners to use https URLs. Many SEO experts and webmasters also recommended moving to a new protocol. We recognized the importance and learned that soon SSL will be important in the future. Many big sites that didn’t have SSL also moved to HTTPS. So we finally decided to shift in 2017.
We tried serving through HTTPS using our Cloudflare CDN. Cloudflare provides free SSL, and we also use it over our Lets Encrypt SSL. It is a bit confusing, though, so we will explain it later. In this article, we will explain various challenges and solutions. Our tutorial is a guide for Namecheap shared hosting, but we have used it for many other providers. You can use it for GoDaddy and many other shared hosting services. It is a general guide, so do give it a try.
Problems, Past Experience, and Study
In 2016, we switched on flexible SSL in our Cloudflare account. We got the HTTPS, but we completely wrecked our site. After switching on the service via Cloudflare CDN, we got lots of problems. There were a lot of redirects. We were completely unable to open the admin dashboard. There was a big issue of mixed contents and breaking of plugins. Some pages were indexed as HTTPS, and some were still HTTP. Some traffic was going to one version and some traffic to another version. This was due to the lack of an SSL certificate in the origin server.
We solved that issue by turning flexible SSL to off and redirecting all HTTPS traffic to HTTP again. It took 2 months for all the indexing to fix and traffic issues to resolve. Then we started our study on the entire process. We tried to use Cloudflare flexible SSL many times. But mixed content was still a problem for us. Images, redirects, and plugins were the main issues. We tested lots of plugins to solve it, but they couldn’t. The major issue was that our images were being served over HTTP. Other scripts and sources were fine.
Therefore we concluded that we need a server-level solution. This meant installing SSL from cPanel. An origin level certificate can solve these issues. We run WordPress, so our whole experience and guide is based on that.
Namecheap Lets Encrypt WordPress Solution
We asked experts and online help on this issue. Many people told us that we can’t install Lets Encrypt on Namecheap shared hosting. But we found a solution to it. We need a WordPress plugin to generate a certificate. In 2017 we used a plugin named “WP Encrypt“. It is currently discontinued. Now there are many plugins available. Some examples are SSL Zen, WP Encryption, etc. You can install any of these plugins and generate certificates. WP Encrypt is not working now, so we will guide you for “SSL Zen“.
- Activate the plugin and put your website details.
- Verify your domain by uploading files or the DNS method. The plugin gives full detail on the process.
- Download three files named certificate.crt, cabundle.crt, and privatekey.pem.
- Now go to SSL/TSL option in Cpanel and click on “Install and Manage SSL for your Site”
- Open certificate.crt with notepad and paste its content on Certificate (CRT), cabundle.crt content on Certificate Authority Bundle (CABUNDLE) and privatekey.pem contents on Private Key (KEY).
- Click on install and wait for the confirmation
- The same method is applicable for updating after expiration.
It is a general tutorial, and you can follow this for most of the shared Panel hosting. We have helped a lot of people to move to HTTPS using this method. Almost all budget hosting packages support this method. There are other ways of installing using SSH as well. You can follow this post in GitHub to install the Lets Encrypt SSL using SSH. There is one general guide for TLS cert as well.
Finishing and Polishing
After the installation, test your site by typing https:// in front of your domain name. If it loads successfully, then the major work is done. Now for fixing all the URLs and components, we used a plugin named “Really Simple SSL“. This fixed all our URLs in a click. And now, for the last touch-up on mixed contents, we installed a plugin named “SSL Insecure Content Fixer”.
These softwares fixed everything for us, and we have no problem. After this, we deleted our site from the Cloudflare account and reinstalled our site by scanning it again from scratch. This time we enabled flexible SSL, and we have no issue. One thing to noticed is that once we enable Cloudflare’s SSL option, browsers show the certificate only from the CDN. Our server’s Lets Encrypt certificate is not shown. It doesn’t matter as long as our site is secure and we have what we want.
After everything, we removed all the above-mentioned plugins. This is to clean up the site and do redirection manually. For this remove plugins and go to Settings>General inside the WordPress dashboard. Then change WordPress Address (URL) and Site Address (URL) to https://. This solves all the errors and the redirection completes. Check everything and create a backup of your site. Finally, we updated our links on social media, Google Webmasters, Bing, and Analytics. Hope this helps also drop your thoughts, advice, and comments below.
Hey, really great article. I used it to set up SSL on my website blaburn(dot)com But I still don’t see the green padlock. I think some content is still served as http like images. What settings did you use for the “SSL Insecure Content Fixer” plugin?
The seeings is in “Simple” and for HTTPS detection is set at “HTTP_X_FORWARDED_PROTO (e.g. load balancer, reverse proxy, NginX)”
This is safe and we have done it, Just be careful and keep your backup just in case. We don’t have videos BTW.
Thank you so much Bookmarked
I guess we covered that already. You need to renew the certificates before they expire using same process using the above mentioned plugin. For the change it will take time and will be done slowly. Really Simple SSL does all work of redirection so no worries.
thank you for this helpful post! it took me like 5 minutes to do everything.
This article is golden! Solved all my issues in no time ❤
Thank for loving it
Thanks a lot for this great article. Using this guide, I was able to install SSL successfully to all my sites. Now the question is how the Auto renewal function of WP Encrypt plugin works? Do I have to update the certificate from cpanel again prior to expiration? or it’s all done in lets encrypt repository?
You’ll have to update from Cpanel again using same process.
This plugin doesn’t work anymore and developer is not providing support either.
Yeah, they abandoned it but the plugin is working for us.
But it looks like unless you buy the Zen SSL premium version, you have to do this process manually every 90 days. Is this true?
Yes that is the case