Let’s Encrypt in Bluehost

Add Free SSL in WordPress with Let’s Encrypt in Bluehost & Other Web Hosts

What is SSL?

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. It protects sensitive data between a server and a client. It used to transfer encrypted and safe information between a user and a website. As Web developers and website owners, we are responsible for providing a safe web experience for all of our users. Also having SSL on website is a positive search engine ranking signal.

Some website owners and developers don’t need an SSL certificate as they are not selling anything and only offering information. But SSL encryption will prevent man in the middle attacks, which is a serious security issue when working online.
We can take advantage of free SSL offered by Let’s Encrypt it offers domain validated SSL certificates

Free SSL in WordPress with Let’s Encrypt

What is Let’s Encrypt?

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit by the Internet Security Research Group (ISRG). It makes it possible to obtain browser-trusted certificates for your domains at no cost that renew automatically.
Anyone who has gone through the trouble of setting up a secure website knows what a hassle getting and maintaining a certificate can be. Let’s Encrypt automates away the pain and lets site operators turn on and manage HTTPS with simple commands. Using Let’s Encrypt is free, so there is no need to arrange payment.

If you’d like to know more about how Let’s Encrypt works behind the scenes, check out how it works page.

Here I will show you how to add Free SSL in WordPress site with Let’s Encrypt in Bluehost, SiteGround and Other Web Hosts.

How to install Let’s encrypt SSL in Site Ground

Step 1: Log in to your cPanel and click on the Let’s Encrypt icon in the Security tab.
Let's encrypt SSL in Site Ground

Once you have entered Let’s Encrypt SSL, you will see a list of the active Let’s Encrypt certificates for your account.

Step 2: Select a domain name where you wish to install the free SSL and select the type of certificate then click on install button.

Done, Let’s encrypt will now issue a new SSL certificate for your website in a few moments.

Now you just need to configure your application to work via https:// to start using the certificate on your site.

If you have Google Analytics installed on your site, don’t forget to update your new url there with https.

For more information, visit https://www.siteground.com/tutorials/cpanel/lets-encrypt.htm.

How to Install Free Let’s Encrypt SSL in Bluehost

Step 1:Log into your Bluehost control panel.

Step 2:Click the Addons tab.

Step 3:Locate SSL Certificates, and click on the learn more button.

Step 4:Click the get started button under WordPress Free SSL.

Step 5:Click the Install button.

For more information, visit https://my.bluehost.com/hosting/help/free-ssl.

How to Add Free SSL in WordPress with Let’s Encrypt on other Hosts

Install and Active the plugin WP Encrypt

After plugin activation, you will find a new admin page in the Settings menu where you can register, generate, renew and revoke certificates for your WordPress site. In a Multisite, this menu is not located in the regular admin, but in the network admin, and it will work for all sites in the network. On the admin page you will find a help tab on top which provides further information on how to get started.

for more info see plugin’s FAQ page

Now follow the steps:

Step 1: Generate a Private Key

Login to cPanel

Click on SSL/TLS Manager in the Security section

Click on Generate, view, upload, or delete your private keys under Private Keys (KEY)

Set the Key Size to 2,048 bits

You can leave the Description blank

Click on Generate

That’s it. You’ve generated the KEY for the SSL

Step 2: Generate a Public Key (Certificate Signing Request)

Click on Return to SSL Manager

Click on Generate, view, or delete SSL certificate signing requests under Certificate Signing Requests (CSR)

Select the Key you’ve generated

Enter your domain name for which you’d like to install SSL
Note – If you’d like to install the certificate for www.yourdomain.com, enter the www.yourdomain.com in this field and not just yourdomain.com

Fill in your company details along with the email address

Set a random alphanumeric Passphrase (For example – abc123)

You can leave the Description blank

Click on Generate

Copy & Paste the Encoded Certificate Signing Request into a notepad file

That’s it. You generated the CSR for the SSL

Step 3: Upload the Certificate

Click on Return to SSL Manager

Click on Generate, view, upload, or delete SSL certificates under Certificates (CRT)

Copy and paste the body of the certificate
(The certificate file placed in a subdirectory in /letsencrypt/live/your_domain_name/cert.pem)

You can leave the Description blank

Click on Save Certificate

Just a few more steps to go.

Step 4: Installing the Certificate

Click on Return to SSL Manager

Click on Manage SSL sites under Install and Manage SSL for your site (HTTPS)

Select your domain name from the drop down for which you’ve uploaded the certificate

Fill Private Key: (KEY) (copy and past fom private.pem) and Certificate (CRT) (copy and past fom cert.pem) and click on “auto fill”
(private.pem and cert.pem are stored in a subdirectory in /letsencrypt/live/your_domain_name/)

Click on Install Certificate

Click on OK

Step 5: Updating WordPress Website URLs

After setting up the SSL certificate, the next step is to move your WordPress URL from HTTP to HTTPS.

Generally normal sites use HTTP protocol When secure sites use HTTPS protocol.

The Address of Secure site with SSL look like this: https://yourdomain.com or https://www.yourdomain.com

If your website is brand new, then just go to your WordPress admin area and click on settings.

There you will need to update the WordPress URL and Site URL fields to use https.

update-url

Don’t forget to save your changes.

If your site has been live for a while, then it can be indexed by search engines. Other sites and bookmarks may have linked to it using http in the URL. So You need to redirect your traffic to the https URL. You can install and activate the Really Simple SSL or wp force SSL plugin.

That’s all done, If you have any further question and need my help, Please ask me via comment. If you liked this article, Please share it on social media.


1 Star2 Stars3 Stars4 Stars5 Stars (5 votes, average: 4.80 out of 5)
Loading...

The following two tabs change content below.

Wasim Sama

Wasim Sama is a passionate blogger and experienced web developer.

13 thoughts on “Add Free SSL in WordPress with Let’s Encrypt in Bluehost & Other Web Hosts

    • Hello Lynn,
      I don’t think so because I am using Let’s Encrypt SSL on this blog without dedicated IP and it’s absolutely free.

    • This is correct, unfortunately.

      I’ve just followed these steps for my own site – got to step 4 and the option isn’t there without a dedicated IP address. Bluehost’s help article states that it’s required at the top of the screen. https://my.bluehost.com/cgi/help/204

      After doing some research, apparently it shouldn’t actually be required unless they’re using old technology and there’s a new thing called “SNI” (Server Name Identification) that allows the possibility of SSL certificates on shared IP addresses – I think they’ve put this restriction in place to make more on the dedicated IP addon.

      Major browsers will soon warn users against visiting sites without SSL certificates. Might be time to look at other providers if Bluehost still have this requirement when this happens.

  1. Hello,
    How can I access private.pem and cert.pem?
    You say they are stored in a subdirectory in /letsencrypt/live/your_domain_name/), but where can I find this?
    Thanks!

    • Hello Apostolos,

      You can find these files via FTP or cPanel. also, go to your WordPress admin settings>>WP Encrypt then you can see file path under “Certificate & Key Locations”.

      Thanks!

    • Hi Muthu,
      Just login to your wordpress admin and go to settings>>WP Encrypt then you can see where your cert.pem and private.pem files are located.
      Then you can find these files via FTP or cPanel and follow the step 3,4 and 5.
      Thank you!

  2. Thanks! It worked fine on my GoDaddy hosting account. One detail : there was no need to follow the help section of the wp-encrypt plugin where they ask you to edit some apache config file. I was able to get my site encrypted without having to do that step. I’d also like to appreciate that you have given us steps that do not need any kind of terminal / SSH command line typing… it’s all point-click-copy-paste. That matters a lot.

Leave a Reply

Your email address will not be published. Required fields are marked *