How to Install Let's Encrypt on cPanel/WHM
Let's Encrypt is a free, automated, and open Certificate Authority that provides free SSL/TLS certificates. Installing the Let's Encrypt plugin on your cPanel/WHM server allows you to issue free SSL certificates for all your hosted domains automatically.
Method 1: Using AutoSSL (Built-in, Recommended)
cPanel/WHM version 58 and above includes built-in AutoSSL with Let's Encrypt support:
- Log in to WHM.
- Navigate to SSL/TLS > Manage AutoSSL.
- Select "Let's Encrypt" as the provider (you may need to accept the terms of service).
- Click "Save".
- Run AutoSSL by clicking "Run AutoSSL for All Users".
Method 2: Install FleetSSL (Let's Encrypt for cPanel)
If Let's Encrypt is not available as an AutoSSL provider, install the plugin:
# Install the Let's Encrypt plugin for cPanel /scripts/install_lets_encrypt_autossl_provider
Then follow the steps in Method 1 to enable it.
Method 3: Install Certbot via SSH
# Install Certbot yum install certbot -y # Issue a certificate certbot certonly --webroot -w /home/username/public_html -d example.com -d www.example.com # Auto-renew via cron echo "0 0 * * * /usr/bin/certbot renew --quiet" | crontab -
Verify SSL Installation
After AutoSSL runs, verify your SSL certificates:
- Go to WHM > SSL/TLS > Manage SSL Hosts
- Check that each domain shows a valid Let's Encrypt certificate
- Visit your website with
https://to confirm
Automatic Renewal
AutoSSL automatically renews certificates before they expire. Let's Encrypt certificates are valid for 90 days, and cPanel's AutoSSL checks and renews them regularly.
Troubleshooting
- "DCV failed" errors: Ensure the domain points to the server's IP address and port 80 is not blocked.
- Rate limits: Let's Encrypt has rate limits of 50 certificates per domain per week.
- Wildcard certificates: AutoSSL does not support wildcards — use Certbot with DNS validation for wildcards.
