padlock, globe and some fun circuitry overlay

Free Let’s Encrypt SSL for cPanel using


This article shortcuts how to get SSL certs from Let’s Encrypt (or ZeroSSL) issued and deployed for your cPanel hosted websites (domain or addon domains), using

Picture of dead sea scroll cave with "Support Mindfuel Blog on Patreon" shamelessly promoted on top

The commands to setup and configure in cPanel are here. But once is running via SSH or within cPanel terminal, there’s just 2 key commands needed to handle the SSL portion:

(optional) Set default CA to Let’s Encrypt (if you don’t want ZeroSSL): --set-default-ca --server letsencrypt

Issue your cert: --issue --webroot ~/public_html -d -d --force

Deploy your cert: --deploy --deploy-hook cpanel_uapi --domain --domain

Certs will renew every 60 days automatically, according the authors.

I was not able to successfully include mail, webmail or a wildcard cert. Maybe I will poke at that when I have more time.


I resell NameCheap hosting because I think it offers top notch service at a fantastic price. However, one of the things that annoys me, when compared to providers like HostGator, is that Namecheap has a wonky version of “free SSL.”


It’s done via this weird plug-in for cPanel and I haven’t had it work correctly without contacting support. Even if it did work correctly, it has other drawbacks:

For example, it only gives you 50 1-year certificates. If you have 25 domain names you want to keep secure, you can provide SSL for 2 years and then your start paying. The cost for SSL will crush the savings you get from hosting, and at that point, might as well go back to HostGator or BlueHost.

Next, those 1-year certs are only good for your and That means, if you use cPanel’s or subdomains, you are COL (Cert Outta Luck).


If you use HostGator, they have some gadgets that use Let’s Encrypt to issue automatically renewing SSL certs FOREVER, and they cover all your subdomains. But . . . what if you are a cheap skate like ME? What if you want the suppor awesome inexpensive hosting of Namecheap AND you want free Let’s Encrypt certificates? In that case, let the good times roll.


I found this post:

But this is the post I used:

I also used some of the docs on the project site:

It totally works, but I noticed the certs are from ZeroSSL. Maybe that’s fine, but I want to use Let’s Encrypt, turns out you can do that by setting the default CA.

Ultimately though, I am still not securing my mail or webmail subdomains, so I just use the wonky central hostname which has a wildcard cert on it, and that keeps those in their TLS happy place.

That’s the end of the fun reading, use the TLDR section at the top of this article to make some SSL magic happen in your life 🙂


Real work has been done to make this stuff possible. I like to sponsor the free software I use, and in the case of Let’s Encrypt and, they are saving me VERY real money, so it is only fair I put them on my “donation” payroll and I encourage everyone to support the products you love, ESPECIALLY when they are truly “free”!

padlock, globe and some fun circuitry overlay

2 thoughts on “Free Let’s Encrypt SSL for cPanel using”

    1. Hello Michelangelo,
      I no longer have access to my configuration because I’ve changed hosting providers.

      It looks like it should be possible:

      But, I remember trying * and although the instructions said it should work, it kept having validation errors. I wanted the wildcard because I need mydomain and mail.mydomain and webmail.mydomain to all be SSL, but I couldn’t get that functioning. In the end, I left my hosting provider, and that was one of several reasons.

Leave a Comment

Your email address will not be published. Required fields are marked *