Skip to main content

Free SSL Certificate on GoDaddy Shared Hosting with DNS Verification

This is an update from my earlier post on the same subject for more than a year ago. The SSL certification is the same but the process has changed.

Getting free SSL certificates from Let's Encrypt is a multi steps process. Sites like SSL for Free and ZeroSSL make it simpler.

However, they want to verify that you have the control over the domain where the free SSL certificate is for. They want you to create TXT records in the DNS server that hosts your domain. They will give the details of the TXT records for you to enter. Then they will query the DNS server for the TXT records. If the records are the same then you are verified to have the control over the domain, and they will create the certificate for you.

They just create the certificate. You have to install it in your hosting server.

I was getting the free SSL certificate for my https://cryptobubbles.club from Let's Encrypt. In fact I wanted to have HTTPS for https://answering.cryptobubbles.club because I wanted to test my new plugin that utilizes the Waves crypto payment gateway. The latter is a question and answer site. If you like someone's question or answer then you can donate points to him. You pay for the points in Waves based tokens.

Take a look at my Waves based tokens Jualla and Blindtalk. The sites are here and here.

In my earlier post I was using the service of  SSL for Free. Now I am using the ZeroSSL service.

DNS Verification and Certificate Creation

  1. In GoDaddy web hosting manager, open the cPanel Admin. Click Security->SSL/TLS. And then click "Generate, view, or delete SSL certificate signing requests."
  2. In the Domains box enter your domain.
  3. Enter all other required fields such as your company name and address.
  4. Click Generate.
  5. Copy the Encoded Certificate Signing Request (CSR).
  6. In ZeroSSL click Online Tools. And click Start. Paste the CSR in the respective box.
  7. Select Accept ZeroSSL TOS and Accept Let's Encrypt SA. Click Next.
  8. The Account Key is generated. Copy the Account Key. Click Next.
  9. The verification TXT records are shown.
  10. In GoDaddy cPanel, open the DNS Manager. And select DNS->Manage Zones.
  11. Enter your domain name. The DNS records for your domain will be listed. At the end of the record list click the Add button.
  12. In the Type field select TXT.
  13. In the Host field enter the detail given by ZeroSSL. It coud be _acme-challenge. You must not include your domain name in the Host field. In my case I got _acme-challenge.cryptobubbles.club and entered as is, and the verification failed.
  14. In the TXT Value field enter the detail given by ZeroSSL.
  15. In the TTL field enter the shortest period. Select Custom and enter 600 seconds which is 10 minutes.
  16. Click Save and repeat for the other TXT record.
  17. Wait for at least 10 minutes because we set the TTL to be that long.
  18. In ZeroSSL, click Next.
  19. ZeroSSL will show "Your certificate is ready!" with some messages.
  20. Copy the certificate. Click Done Next.

Installing the Free SSL Certificate

  1. In the GoDaddy cPanel, click Security->SSL/TLS. Then, click "Generate, view, upload, or delete SSL certificates."
  2. Paste the certificate into the Upload a New Certificate box.
  3. Click the Save Certificate button.
  4. The certificate has been saved. Click Go Back.
  5. Find your domain in the certificate list. Click Install.
  6. The certificate details are populated in a number of fields.
  7. Click Install Certificate.

Done. This process will have to be repeated for every 90 days which is the validity period of the Let's Encrypt certificate. I'm still hoping that GoDaddy will simplify the process, or make it automatic.




Comments

  1. Sturdy2March 17, 2020 at 4:50 AM

    Good step-by-step instructions and they do work as stated (March 2020). But note the issue at step 13, it is important.ZeroSSL instructions are not correct. Neither can you use nslookup to confirm visibility. nslookup will fail with an NXDOMAIN error. After you create the TXT records, simply wait 15 minutes then click NEXT on ZeroSSL. HTH...

    ReplyDelete
  2. jamesNovember 9, 2020 at 2:07 AM

    The content is utmost interesting! I have completely enjoyed reading your points and have come to the conclusion that you are right about many of them. You are great, and your efforts are outstanding! CE certificate

    ReplyDelete

Post a Comment

Popular posts from this blog

Setting Up PyScripter for Quantum GIS

PyScripter is a general purpose Python Integrated Development Environment (IDE). Quantum GIS (QGIS) is a desktop GIS application that can be extended with Python plugins. Both are open source softwares. We intend to use PyScripter as an IDE to build QGIS Python plugin. We are using PyScripter 2.4.1.0 and QGIS 1.6.0 in Windows. PyScripter does not come with Python. On the other hand, QGIS is built in with Python. Thus, we will setup up PyScripter to use the build in Python in QGIS. We assume both PyScripter and QGIS are already installed. Preparing PyScripter batch file We assume that QGIS is installed in C:\OSGeo4W\ folder and PyScripter is installed in C:\Program Files\PyScripter\ . 1. Copy qgis.bat in C:\OSGeo4W\ bin to pyscripter.bat 2. Edit pyscripter.bat to remove the last line that read something like this start "Quantum GIS" /B "%OSGEO4W_ROOT%"\apps\qgis\bin\qgis.exe %* and replace it with this in one line Start "PyScripter" /B "C:\Progr
8 comments
Read more

Sending Emails via SMTP

msmtp  requires a minimal setup for sending emails via SMTP compared to sendmail. Here is a configuration for you to send emails from a web host to an external SMTP server. Prior to doing that, you must check whether there is a clear communication channel between your web host and the SMTP server. You can use Telnet . Set up msmtp You are going to set msmtp as an MTA . Hence, you need to remove all other MTAs such as postfix and sendmail: $ sudo apt-get --purge autoremove postfix sendmail Install msmtp and related utilities: $ sudo apt-get install msmtp msmtp-mta mailutils Configure msmtp: $ sudo nano /etc/msmtprc # Set default values for all following accounts. defaults # Use the mail submission port 587 instead of the SMTP port 25. port 587 # Always use TLS. tls on # Set a list of trusted CAs for TLS. The default is to use system settings, but # you can select your own file. tls_trust_file /etc/ssl/certs/ca-certificates.crt # The SMTP server account mx host mail.mx.example
Post a Comment
Read more

fatal: Couldn't find remote ref master

If you are using Github then  master is now known as main . Whatever you want to do with a master must now be referred to a main . If you search for this error message on the Internet then you will encounter with a lot of old discussions on how to set up your master properly which is probably not what you are looking for. The master  is your problem. Rename it to main . I wrote Git My Way about two years ago. Today I created another Github repository. I got this  "fatal: Couldn't find remote ref master"  error message when I wanted to sync the new repo for the first time with my notebook using the notes I wrote in the blog. All the discussions around the error message I found on the Internet were perplexing. Then I recalled that Github had renamed master to main  due to the master-slave connotation. We always have a master copy of a code, never a slave copy. Now suddenly a word context has been diminished for good. What is going to happen to the existing vast documen
Post a Comment
Read more