(4 votes, average: 5.00 out of 5)
Loading...How to Install an ACME SSL Certificate on cPanel?
(4 votes, average: 5.00 out of 5)Loading...
Securing your website with HTTPS has shifted from a choice to a requirement for trust, SEO, and modern browsers.
A protocol called ACME (Automated Certificate Management Environment) allows the automated issuance and renewal of SSL/TLS certificates. Although ACME is routinely used on servers such as Apache or Nginx, cPanel users may not realize they can use an ACME-based SSL certificate on their hosting.
This article will offer you a simple outline of the steps to obtain an ACME SSL certificate, from generation to validation to installation via cPanel.
Prerequisites
Access to your Domain’s cPanel
Before you can initiate the steps to install an ACME SSL, you must have valid login access to your domain’s cPanel account.
This is critical as you will complete all configuration steps through cPanel, including creating your directories, uploading the required validation files, and installing the final SSL certificate. Without valid access, you will not complete the verification or installation of your SSL certificate.
The Capability to create files in the ACME Directory
To validate your ACME account, you will need to serve the challenge file from an exact location on your server.
Therefore, you need to be able to create files and folders in the public_html directory, and specifically in the public_html/.well-known/acme-challenge/ directory.
This is the location where your chosen ACME client will place the file used by the Certificate Authority to validate the ownership of a domain.
An ACME Client (e.g., Certbot, acme.sh, ZeroSSL ACME client)
You will need an ACME-compatible client to request and then generate your SSL certificate.
Certbot, acme.sh, and the ZeroSSL ACME client are examples of documents that will automate the process of challenge, issuance, and renewal.
Choose an ACME client that is compatible with your hosting environment and level of comfort with technical aspects.
Domain Pointed at your Hosting Server
Prior to issuing an SSL certificate, you must first ensure that your domain is properly pointed at your hosting server’s IP address.
If your Domain Name (“DNS”) is not configured correctly, the ACME validation will fail because the Certificate Authority will not be able to reach the challenge file located on your server.
Ensure that any A or CNAME records have been updated and propagated correctly before proceeding.
Steps to Install an ACME SSL Certificate on cPanel
Step 1: Generate Certificate Requests Using an ACME Client
ACME clients automate SSL issuance. Popular options include using acme.sh
Run the following command (on any server or local machine with shell access):
acme.sh --issue -d yourdomain.com -d www.yourdomain.com --webroot /path/to/public_htmlThis command:
- Requests a certificate
- Uses HTTP-01 verification
- Creates challenge files for validation
Step 2: Create the ACME Challenge Directory in cPanel
Login to your cPanel and:
- Open File Manager
- Navigate to public_html/
- Create a new folder: .well-known
- Inside it, create another folder: acme-challenge
- Upload the ACME challenge files generated earlier into this directory.
Your challenge file URL will look like:
http://yourdomain.com/.well-known/acme-challenge/your-challenge-fileVerify in your browser that the file loads correctly.
Step 3: Complete the Domain Validation
Return to the terminal where your ACME client is running and allow it to verify the challenge.
If everything is correct, ACME will issue:
- Certificate File (cert.pem)
- Private Key (privkey.pem)
- CA Bundle (chain.pem)
Export them using acme.sh:
acme.sh --install-cert -d yourdomain.com \
--cert-file ./cert.pem \
--key-file ./privkey.pem \
--fullchain-file ./fullchain.pemStep 4: Install the SSL Certificate Through cPanel
- Log in to cPanel
- Navigate to SSL/TLS
- Click on Manage SSL sites or Install and Manage SSL
- Select your domain
- Copy-paste the certificate files:
- Certificate (.CRT): Open cert.pem and paste contents
- Private Key: Open privkey.pem and paste contents
- CA Bundle (Optional but recommended): Open fullchain.pem (or chain.pem depending on your ACME client) and paste contents
- Click Install Certificate
Once installed, your website should immediately switch to HTTPS.
Step 5: Test Your Installed ACME SSL
Use tools like:
- SSL Labs Test
- WhyNoPadlock
- cURL or browser inspection
Confirm:
- No mixed-content warnings
- Certificate chain is valid
- HTTPS redirects are working properly
Step 6: Set Up Auto-Renewal (Important)
ACME certificates typically last 90 days, so renewal automation is crucial.
If using acme.sh, enable auto-renew:
acme.sh --upgrade --auto-upgradeThe tool will automatically renew your certificates and notify you if you need to upload those renewed certificates manually in cPanel.
There are hosting companies that enable cron jobs so that you don’t need to worry about anything, but in the case of shared hosting, they often prefer you upload renewed certificates manually every 45 days.
Also Read: How to Install an ACME SSL Certificate on Windows IIS?
Conclusion
You can secure your website today with CheapSSLWEB as the most reliable website for fast, reliable and affordable SSL certificates.
It doesn’t matter if you are running a personal blog, an eCommerce store, or a corporate platform receiving large amounts of traffic; you won’t find prices cheaper than at CheapSSLWEB with SSL brands you can trust and issued in minutes, keeping your website secure within minutes.
Don’t risk your customers and their information, or potentially yours, by not utilizing https. Instead, upgrade your product or site with branded SSL for the lowest rates in the market.
Take the smarter, savvy route and build trust and confidence with your website or site by relying on great names at affordable prices for SSL or TLS certificates. Act decisively and smartly, say goodbye to insecurity, and choose CheapSSLWEB for your SSL certificates.
