isotropic-2022
Share
Blog
Search
Menu

How To Install A Free SSL Certificate On a GoDaddy Website

By James LePage
 on June 23, 2020
Last modified on January 7th, 2022

How To Install A Free SSL Certificate On a GoDaddy Website

By James LePage
 on June 23, 2020
Last modified on January 7th, 2022

Intro

In this post we're going to be discussing how to install a free SSL certificate on GoDaddy. We're writing this post because we see this question all the time on Reddit and Facebook: “is there any way to avoid the $70.00 per year GoDaddy SSL certificate by installing a free one myself?”. The simple answer to this question is that it is fairly straightforward to avoid the GoDaddy SSL certificate by installing a free one from Let’s Encrypt. In this blog post we're going to discuss how exactly to do that.

This is a companion post to our video tutorial which you can find on YouTube:

Our Gripe With GoDaddy

Many GoDaddy users are led to believe that the only way they can get an SSL certificate for their website is by purchasing the $70.00 per month one found here: https://www.godaddy.com/web-security/ssl-certificate

GoDaddy doesn't come with an automatic free SSL certificate, instead you need to purchase one from the above link. The cheapest one is $70.00 per year, while a wild card SSL costs $295.99 on the first year and $369.99 when you renew. This company is an outlier as many other hosting providers offer a free SSL certificate in their base plans (Cloudways, our hosting partner, offers free SSL certificates that can even be applied to wildcard domains).

Unfortunately, many GoDaddy users are led to believe that their only route when it comes to acquiring an SSL certificate is through the company. In our opinion, this is highway robbery. Not only is it an industry standard to offer a free SSL certificate that is automatically installed onto your website, it isn't right to lead non technical users down this route. We understand the need for convenience, but convenience shouldn't come at $70.00 per year.

Why Do I Want SSL?

In 2020, having a SSL certificate installed on your domain is absolutely essential. The SSL certificate is used to keep sensitive data or information private and encrypted. Only the intended recipient of this data can decrypt this information , making it safe for your website visitors to enter things like payment information, addresses, and more. If you don't have an SSL certificate, any data that website visitors submit can easily be intercepted by malicious actors.

Back in July 2018, Google announced that they would mark all websites without an SSL certificate's not secure. Many browsers followed suit, and today if you don't have an SSL certificate installed on your website, you will get a padlock with a red X through it, and a notice that says something like this “this website is not secure, you should not trust it”.

Avoiding the Not Secure Warning in Chrome | Web | Google Developers
From Google, here are the warnings that your website visitors will encounter if you do not have an SSL installed.

Not only does this destroy your credibility, it has search engine optimization implications, and your website truly is not secure. Hackers can easily steal information, and even manipulate the structure of your website to capture sensitive data from unsuspecting visitors.

When you do have an SSL certificate on your website, the URL will display HTTPS (instead of HTTP) and the padlock will be green, displaying the word secure. This means that any and all information submitted on the website, or sent through it is encrypted, secure, and a visitor can trust your website.

We're not going to go into the specifics of what an SSL certificate actually is. this article is intended to educate you on how to install a free SSL certificate into your GoDaddy website, and forgo the $70 to $300 per year charge.

If you'd like to learn more about SSL certificates, how they encrypt all information, and why they make website secure, read this article: https://www.theedigital.com/blog/why-ssl-and-https-are-essential-for-your-website

Installing A SSL Certificate To Your GoDaddy Website

As we stated before, you are not stuck paying $70.00 to GoDaddy for an SSL certificate, no matter how much they want you to believe that. Instead, we can install a third party SSL certificate from let's encrypt that costs… drumroll please… $0.00.

This entire process of installing the SSL certificate to your GoDaddy website should only take 20 minutes at maximum, and will cost you nothing.

Before we get into the tutorial, let's briefly review every step in this process. We are first going to install a plugin to our WordPress website. We're going to use that plugin to generate a free SSL certificate provisioned by Let’s Encrypt (a nonprofit organization that offers free SSL certificates). we're going to take the SSL certificate, and install it on our GoDaddy-hosted WordPress website through the cPanel interface. Once installed, we're going to test that everything is working, and reap the rewards of our newly secured website.

We don't like GoDaddy hosting. Their shared hosting is extremely slow, overpriced, and the company tries to trick unsuspecting users into paying for services that are easily free. If you're trapped in a long term plan, we feel for you. If your plan is soon to expire, we recommend migrating your website over to Cloudways. This hosting company bills you monthly, offers free SSL's, has amazing Live Support and allows you to host your website on one of the five industry-leading cloud providers (think AWS, Digital Ocean). The service starts at $10 per month, and scales to your needs automatically.

Use the code “Isotropic” for 30% off your first billing cycle.

Start for free (no cc info) with a non restricted 3 day free trial of the platform. 

Step One: Install SSL Zen

The free plugin that we're going to be using to install an SSL certificate into our GoDaddy website is called SSL Zen. This plugin allows you to easily generate an SSL certificate through Lets Encrypt, install it onto your website, and then change all links from HTTP to HTTPS. It makes this process as simple and easy as possible.

Install the plugin on to your WordPress website. While this is a free plugin, there is a premium plan which automates some of these steps (though it kind of defeats the purpose of a free SSL certificate).

Step 2: Follow The Wizard

Upon installation, you will be presented with a four step wizard that will help you install the SSL certificate on to your GoDaddy website.

Step 2.1: Enter Info

The first step is entering your domain and contact details. Be sure to enter the domain correctly, and an email address that you have access to.

Step 2.2: Verify Domain

The second step of this process is verifying your domain. You have two options when it comes to verifying your domain, you can do this either by uploading a file to your root word press directory, or adding a domain text record in DNS. While the plugin states that DNS is quicker (7 minutes compared to 10 minutes), it doesn't mention that propagation can take anywhere from a couple of minutes to 48 hours. This is why we always recommend using the HTTP method.

To verify your domain, you will need to upload a file in a specific folder.

Click on the HTTP box, and an interface will load that shows you how to verify your domain.

We recommend downloading the verification file first period under Step 2 in the interface, click on the “file 1” button. This will download a verification file to your desktop.

The first step is accessing the files that make up your WordPress website. With GoDaddy, you can easily do this with cPanel. Load the cPanel File Manager, and navigate to the directory of your WordPress website. Typically, it is hosted in public_html If there is no other website installed on the server.

There are several other methods of accessing your website's file directory. You can access the website through FTP, or use a plugin like:

You can ensure that you're in the right place by identifying the following three folders that are present in every WordPress installation:

Once you're in your WordPress files, create a new folder titled .well-known. enter that new folder, and create a new folder titled acme-challenge. Within that folder, upload the file that you downloaded in the beginning of this process.

Once the file is uploaded, click on the blue “verify” button.

This will verify that you own the domain as SSL Zen will see that you have access to the server by reading the verification token. (by uploading the file to the folders that you have created, you are creating an HTTP-01 challenge: http://<YOUR_DOMAIN>/.well-known/acme-challenge/<TOKEN>) You can read more about challenge types, and domain verification here: https://letsencrypt.org/docs/challenge-types/

Step 2.3: Access and download SSL certificate

Upon successful verification of your domain, SSL Zen (through Let’s Encrypt) Will generate an SSL certificate for you. The third screen of the wizard will present the three file types that make up an SSL certificate, and give you instructions on how to install it into your C panel host. Because it GoDaddy shared hosting uses cPanel, the instructions that they offer are perfect, though we're going to review how to do it step by step here as well.

On the right of the screen, you can see the three file types that make up any SSL certificate. The certificate.crt, the privatekey.pem, and the cabundle.crt.

The first button on each entry will allow you to copy the data within the file, and the second button will allow you to download the individual file.

Step 2.4: Install your free SSL certificate on GoDaddy

If you're feeling a bit confused at this point, that's OK! all you need to do is follow the steps in this tutorial, and you will have a free SSL certificate installed on GoDaddy. Think of that $70.00 that is remaining in your pocket and press onwards!

Before we continue, we tailored this tutorial for GoDaddy, but this method will work on any host that uses cPannel. Most budget, shared hosting providers offer you a cPanel interface.

To install our SSL certificate, we need to log into GoDaddy's cPanel (KB article here).

select manage

Do this by loading the main GoDaddy dashboard, navigating to my products, clicking on the web hosting tab, and then clicking on the manage button. Now you should be in the dashboard for that individual hosting account. There is a large black button on the upper right hand corner that says “cPanel Admin”. Clicking on that will load the interface that you need to install your SSL certificate.

What is cPanel? The Control Dashboard Explained For Beginners

The admin dashboard should look something like this. Utilize the search function, and type in SSL. Click on the SSL/TLS icon.

Once this screen is loaded, navigate back to your WordPress website, where Step Three of SSL Zen should be open (This is the step that displays the individual components of the certificate).

For each file type, click on the copy button. That will load an interface where you can copy the data contained within the file. Once you've copied the data, navigate back to the cPanel, and paste the data in the respective field.

Both the certificate.crt and cabundle.crt will be pasted into the Certificates (CRT) section on cPanel.

Click on the generate, view, upload, or delete SSL certificates link, and scroll partially down the page until you are at the upload a new certificate section. In this box, paste the certificate.CRT data.

Then click the blue upload button beneath the field.

Repeat this same process for the cabundle.crt (pasted into the Certificates (CRT) section on the SSL cPanel Page).

For the private key, copy and paste the data, navigate to the SSL cPanel page, and click on the “generate, view, upload, or delete your private keys” link. Scroll partially down the page to where it says upload a new private key, paste the private key into the textbox, and click the blue upload button.

Congratulations, you have now installed a free, third party, SSL certificate on to your GoDaddy website. You’re almost done!

Step 2.5: Verify & Activate

Navigate back to your WordPress website, where the third step of the SSL Zen wizard will show. Click on the blue next button. The plugin will verify that you have properly installed your SSL certificate.

Then, the plugin will prompt you to begin serving your WordPress website over SSL. It will automatically convert all incoming HTTP requests to HTTPS, change the site and home URL from HTTP to HTTPS, and fix the insecure content warning by replacing all HTTP URLs to HTTPS URLs (This does the same thing as the wildly popular Really Simple SSL plug in does, removing the need to install two plugins for SSL purposes).

You will need to check off the warning box. This box states that if you don't renew your SSL certificate every 90 days, the website will display a not secure warning to the visitors. This is the tradeoff of the free SSL service. Let's Encrypt SSL certificates will expire every 90 days. That means that every 90 days, you will need to renew the certificate to ensure that your website remains secured.

This is an industry standard, and cannot be changed. Typically, web hosts that offer SSL certificates will automatically renew them every 90 days for you (Cloudways does this). The premium version of SSL Zen, which costs $29.00 per year, will do this as well. And, while this is not verified by us, we feel that GoDaddy is simply reselling a Let’s Encrypt certificate for infinite profit, and automatically renewing it every 90 days.

After checking off the box and clicking next, your website will automatically be converted to HTTPS, and will now be secure. The red padlock in the browser bar should now be green, and you should have automatically been logged out of your WordPress website. If these two things have happened, you have successfully installed a free SSL certificate on your GoDaddy website.

Log back into your website, and run through all pages to ensure that the changes have been made.

Conclusion

Congratulations, not only have you secured your website with an SSL certificate, you have avoided paying GoDaddy $70.00 per year for something that is absolutely free!

We hope that this was a helpful tutorial on installing an SSL certificate into your website. Again, we want to stress that while this tutorial was specifically oriented towards GoDaddy, you can use this method to install an SSL certificate on any host that uses cPanel.

It is pointless to pay for a SSL certificate seeing as they are completely free. Let's encrypt is the industry standard, works very well for us, and is simple and easy to implement.

If you have any questions or comments, feel free to reach out below.

Subscribe & Share
If you liked this content, subscribe for our monthly roundup of WordPress news, website inspiration, exclusive deals and interesting articles.
Unsubscribe at any time. We do not spam and will never sell or share your email.
Subscribe
Notify of
guest
33 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
kimha
kimha
4 years ago

Hi, going into GoDaddy dashboard, then my products, there is no "web hosting" tab and instead I have a 'managed wordpress" tab. Any ideas on how to continue with the tutorial?

Thanks

Lemon
Lemon
3 years ago
Reply to  kimha

For anyone searching for this, if you have a managed wordpress you cant install third party ssl certificate. this is a reason i dont recomend go daddy to anyone, in other platforms theres always an free option for basic certificate.

Venus
4 years ago

I got into my files but when I try to add .well-known is says that the file already exists. I tried finding it but it is no where to be found. I can only assume that godaddy put a stop to us being able to add free ssl.

StephenM
StephenM
4 years ago
Reply to  Venus

Hey there- that happened to me too. You may want to try enabling hidden files by clicking on the ellipses on the right side of the file browsing toolbar. I think that the dot in front of the folder name causes it to be hidden.

Sstiingya
Sstiingya
1 year ago
Reply to  StephenM

FYI, It's a "gear" in the right hand corner and lets you display hidden files now.

Raven
Raven
4 years ago

Just an update to your guide, I have a new godaddy account, after all these steps you need to go to SSL/TLS on Cpanel then go to "install certificates" here you have to select the cert or copy again the first file (if you follow steps on this guide the other files are already on server their will be filled automatic).

You should add this step to your guide, on my new account I've already had a certicate, ssl zen doesn't work until I change that one for the new one. Thanks for your help!!

Daniel
Daniel
4 years ago
Reply to  Raven

Where can I find the CPanel Admin in a managed WordPress GoDaddy site?

arka
arka
4 years ago

amazing stuff man loved it

Kathrin D.
Kathrin D.
3 years ago

Hey, I followed all the steps, however for some reason for the 3 parts of the ssl certificate (key, crt, and cabundle), I was unable to open the cabundle. It just won't load anything in a pop-up window that I can copy-paste to the cPanel.
Any idea why this could be (and how to solve the issue)? Thanks in advance!

Last edited 3 years ago by Kathrin D.
Stewart
Stewart
3 years ago
Reply to  Kathrin D.

If you click on the file in Explorer and select view so that the data in the file shows in the right side, you can click and drag from the beginning to the last character and copy and paste!

Leisvan
Leisvan
3 years ago

Thanks. You, SSL Zen and Let's Encrypt, saved me a lot of money, thank you very much.

denk27
denk27
3 years ago

I was able to create both folders (.well-known/acme-challenge); however, I am not able to upload the file into it that I downloaded onto my computer per directions. I tried both dragging it and using the upload button, but not successful. I get, "Unable to upload file." Do you have any suggestions? I am ready to say goodbye to GoDaddy because of this nonsense!

Neil DC
Neil DC
3 years ago

thanks for this info. I was surprised when Godaddy doesn't provide Let's encrypt but I need to purchase an SSL. I was kinda mad and confuse. I should have an inquiry about the SSL. But thanks for this site I was able to install the free ssl. thanks

jay
jay
3 years ago

Question, I had no problem a few months ago when I installed Zen into three of my websites. Now I can not update it or renew it. fails every time. on Godaddy. wordpress sites.

Rubb
Rubb
3 years ago

Thanks for the guide
How to renew the SSL when I need to? will I get email when I need to renew?

Conor
Conor
3 years ago

As someone said below:

"For anyone searching for this, if you have a managed wordpress you cant install third party ssl certificate. this is a reason i dont recomend go daddy to anyone, in other platforms theres always an free option for basic certificate."

This appears to be true, so your article should probably mention this.

Lisa
3 years ago
Reply to  Conor

GoDaddy has an article on how to move a managed WordPress to Unmanaged here: https://ph.godaddy.com/help/move-a-managed-wordpress-site-to-an-unmanaged-wordpress-account-19798

ROB
ROB
3 years ago

Great article/tutorial. easy to do.
Also loved the godaddy rant!
THANK YOU!

Naggaraj
Naggaraj
3 years ago

Yes, this is a good post without any doubt. You really do a great job. I am inspired by you. So keep it up!!

Lisa
3 years ago

The figures in the body of the text are not loading at all. I've tried firefox and chrome so far and private windows on both. I can see in the developer tools the location of the figures and it shows me, so I know there are figures plus you refer to them. How is this set up? Is lazy loading something we need to change settings to be able to see?

Mohammed Karim
Mohammed Karim
3 years ago

Thanks a lot for this - very helpful and straightforward

MFMain
MFMain
2 years ago

Thank you!

Naman
Naman
2 years ago

Thanks a lot, it really helps to save 70$ a year

Kamran
Kamran
2 years ago

Hi. I wonder if anything has changed since this article was put on. I have not done it yet and am reading these comments to get a better idea about what I have to do and the issues I may counter.
But there is something with the Free version that makes me wonder and I have not seen any comment about it. Among the differences between the Free and Premium, it says that the is "No" website security with the Free one??!! What the heck? Is all this about the security of web site? What does it mean?

Sakina
Sakina
2 years ago

Thank you for this tutorial!! Worked flawlessly!

yash
yash
2 years ago

knowledgeable content

Reziana
Reziana
2 years ago

Thankyou this article saved my time and my money too!

Michelle
Michelle
2 years ago

Worked perfectly. Amazing tutorial that was straight to the point. Happy to see someone on the internet with an honest review of GoDaddy, they're the WORST. Thank you again!

Andrea
Andrea
2 years ago

Hi there. Thanks for this, but unfortunately it didn't appear to work for me. No wizard. No options at all. No ability to download an SSL.

Scott
Scott
1 year ago

Is it possible for the cert to include all my subdomains on the cert?

Sstiingya
Sstiingya
1 year ago

Dang. same problem as others. the dot messes the folders up and I can't get a fix to work...??

guess I'll have to try the DNS method? Thanks though

Rombout
Rombout
1 year ago

They are a bunch of thieves with all their packages and what not. They show free sal certificate for webhosting, but nothing shows. When I check options in the bcackend, they want me to pay

Article By
James LePage
Contributors/Editors
notloggedin
James LePage is the founder of Isotropic, a WordPress education company and digital agency. He is also the founder of CodeWP.ai, a venture backed startup bringing AI to WordPress creators.
We're looking for new authors. Explore Isotropic Jobs.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram