Providers like Namecheap give a free SSL certificate with one-year validation for every domain and subdomain you create! it is awesome!
Yet, after finishing this one year, or creating too many subdomains (like I do 😅), you will have to pay 11$ up to 186$ for a single domain, 1 year, SSL certificate!
This article will walk you through using Let's Encrypt's certbot to get a free 3 months SSL certificate for domains without shell access (like shared access domains)

We will cover

• installing certbot on Ubuntu Linux.
• generate SSL challenge and pass it to namecheap domain.
• install the certificates manually using domain cpanel

Install certbot

it is a straightforward operation, Ubuntu comes with snap so

sudo snap install --classic certbot

please check this for other operating systems. simple and easy

Generate the free SSL certificate

looking at my account, I found this subdomain hna.xxx.net

let's generate a new certificate for this domain. Issue this command at the terminal (after installing chatbot of course)

sudo certbot certonly --manual --preferred-challenges http -d hna.xxx.net -d www.hna.xxx.net

Certbot will ask you to fulfill the HTTP challenge by creating a file on your domain or subdomain with a certain value

great, let's create this local file called 2QIY-W... with that special value

it is time to upload it to the website directory at .well-known/acme-challenge, simply use the cpanel file manager to reach that folder, or create it if it doesn't exist

in my case, I was able to find the .well-known/ folder, but I created the acme-challenge/ folder manually

upload the challenge file, and press enter in our terminal to continue the challenge process

in my case, it requested uploading another file, number of challenge files is equal to the number of domains we want to create a new certificate for, in our case, we used hna.xxx.net, and www.hna.xxx.net. Usually, I would add the backend domain to the same certificate, somewhat like backend.hna.xxx.net, but hna is a full-stack Laravel project, so there is no need for that.

after uploading all challenge files to the requested directories, we can press enter in our terminal to continue the process

great job! we have the certificates now! all we need to do is to upload them to our domain

Install the certificate using CPanel

We have the certificates in /etc/letsencrypt/live/ directory, which is a highly secured folder, so I would recommend copying the certificate and its private key out of it.

sudo cp /etc/letsencrypt/live/hna.xxx.net/privkey.pem /home/user/Desktop
sudo cp /etc/letsencrypt/live/hna.xxx.net/cert.pem /home/user/Desktop

and after copying them, let's make them easier to move around by changing their permissions

cd /home/user/Desktop
sudo chmod 777 cert.pem
sudo chmod 777 privkey.pem

nice, but not secure, so be aware to delete those files after uploading them to the website. moving to CPanel now

look for the SSL/TLS in the security section

we will start by uploading the private key, by choosing Generate, view, upload, or delete your private keys.

scroll down to "upload key" section, make sure to select the private key and click on "upload"

it should show something like this

good, now to upload the certificate itself, we need to choose Generate, view, upload, or delete SSL certificates from the first SSL/TLS page

similar to uploading key, we need to scroll to the upload certificate section, choose our certificate file, and press the upload certificate button

finally, let's install it after uploading it

from the first SSL/TLS page, we choose Manage SSL sites

Scroll down to "Install an SSL Website", select the domain, click on "Autofill by domain"

now scroll to the bottom of the page and click on "Install Certificate"

Done! 😎

Did you have any unexpected issues? please share and let's try solving them together
Do you have a better or easier way to do it? please share