Installing Let's Encrypt SSL Certificates On Namecheap Hosting
Installing a certificate for the first time
This Gist has detailed instructions on how to install a Let's Encrypt SSL certificate for a web site hosted on Namecheap.
It references this Python script which conducts the challenge with Let's Encrypt that verifies control of the domain(s).
Renewing the certificate
Let's Encrypt certificates expire every 90 days.
Automated
Some links that rely on acme.sh to renew certificates:
- Simple guide to add TLS cert to cpanel
- Let’s encrypt SSL certificates at cPanel automatically and without native support
Todo: figure out if there is a way to automate renewing the certificate. Right now it seems that it requires manually entering commands into a terminal.
Manually renewing
- SSH to the server. [1]
- Navigate to the directory containing Let's Encrypt keys and scripts, e.g.
~/letsencrypt/letsencrypt_nosudo/ - Generate a new signed certificate:
python sign_csr.py -f --public-key user.pub ./[DOMAIN]/domain.csr > ./[DOMAIN]/signed.crt
- This will first prompt for an admin email address.
- Then it will prompt for a series of commands to be entered, which create JSON files that are used by the signing script.
- Then it will prompt for a file to be installed on the server for each of the subdomains included in the certificate.
- (Those are the three steps that would need to be automated somehow.)
After verifying each of the domains, a signed certificate is created.
The certificate is installed with: [2]
crt=`cat ./[DOMAIN]/signed.crt | python urlencode.py` key=`cat ./[DOMAIN]/.key | python urlencode.py` uapi SSL install_ssl domain=[MYDOMAIN.TLD] cert="$crt" key="$key"