How to Get a Free SSL Certificate for GoDaddy

Screenshot of cPanel showing the tool for installing a free SSL certificate from Let's Encrypt

Introduction

An SSL certificate converts an HTTP website to a more secure HTTPS website. GoDaddy offers SSL certificates for an additional fee. That is, if you are on any of the shared web hosting plans. However, there is a way to get a free SSL certificate for your GoDaddy website.

One possible scenario is to use a free Let’s Encrypt SSL certificate. Lets Encrypt is a public service by the Internet Security Research Group (ISRG). It is a certificate authority that provides free SSL certificates for everyone’s use.

We can use Certbot, a Linux-based utility, to retrieve a free Let’s Encrypt certificate. Afterwards, we can install it in GoDaddy using the cPanel.

The following is a step by step guide to get a free SSL certificate for Godaddy.

Step 1 – Install Certbot

Open a Linux terminal window. Type the command sudo apt-get install certbot, and then press the ENTER key. See the resulting screenshot below.

Screenshot image of Linux terminal showing how to install Certbot, the tool for obtaining a free SSL certificate for GoDaddy

Step 2 – Start Certbot

On the terminal prompt, type sudo certbot certonly –manual, and press the ENTER key.

Step 3 – Provide a valid e-mail address

Certbot will prompt you for an e-mail address. Provide a working e-mail address. Let’s Encrypt will send you a notice when the certificate is about to expire. As an example, I got an e-mail nineteen (19) days before my Let’s Encrypt certificate expired.

Another screenshot of a Linux terminal windows illustrating how to start Certbot to get a free SSL certificate for a GoDaddy hosted website

Step 4 – Agree to the Let’s Encrypt TOS

Agree to the Let’s Encrypt Terms of Service by pressing “A”. You may read the TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf.

A picture of Linux terminal with Certbot running asking to agree with Terms of Service for acquiring a free SSL certificate

Step 5 – Answer the question about sharing your email address

Next, Certbot asks you if you are willing to share your e-mail address with Electronic Frontier Foundation. EFF is the non-profit organization responsible for creating Certbot. The answer depends on you but for me it’s a No (N).

Screenshot of Certbot asking permission to share the user-provided email address with the Electronic Frontier Foundation before proceeding with the acquisition of a free SSL certificate

Step 6 – Provide the domain name(s) needing the free SSL certificate

Finally, Certbot asks you for your domain name. Note that if your website starts with “www.”, then include it here. Otherwise, do not prefix it with “www.”. As an example, this website’s canonical address is cyberblogspot.com, without “www.”. If I were to enter www.cyberblogspot.com, Certbot would accept it and it would create a certificate. But after installing the resulting certificate, I would get an error saying that the certificate does not match my website’s domain name. In short, the domain name www.cyberblogspot.com is entirely different from the domain name cyberblogspot.com.

Certbot tool for getting a free SSL certificate for a GoDaddy website asking for the domain names

After entering your domain name and pressing the ENTER key, you will be given a challenge. This challenge will prove if you really own the domain name that you provided. Please refer to the screenshot below.

Finally, Certbot displays the required challenge file and its required contents in order to retrieve a free SSL certificate

The challenge consists of creating a file inside your website’s public_html folder. As shown in the screenshot below, I must create a file named 7GYKjGUTJ3EnWT2iW59JTUdrGL9LOg-j0qtU-S1po4w. This file must reside in public_html/.well-known/acme-challenge. Furthermore, this file must contain the following data: 7GYKjGUTJ3EnWT2iW59JTUdrGL9LOg-j0qtU-S1po4w._Z4xQCSLZcEte55G3Cgm3Dix_i08ZvdxCOW-XWOc_UY.

We will leave certbot for the meantime and return to it later after creating the acme challenge file. Do not close the Linux terminal where Certbot is running.

Step 7 – Create the ACME challenge file required to get a free SSL certificate

Let’s walk through the steps in creating the ACME (Automated Certificate Management Environment) challenge file.

Step 7A – Open the cPanel File Manager

First, open the cPanel login page in your internet browser. You can do this by typing your-domain-name/cpanel on the browser’s address bar. Or you may type, your-domain-name:2083 on the address bar. Then, once inside the cPanel, find the File Manager under the Files menu.

Screenshot of GoDaddy's cPanel login screen

If you don’t know your cPanel credentials, log in to your GoDaddy web hosting account. Then, find the File Manager link on your My Hosting dashboard.

Before we create the challenge file, we need to go to the File Manager’s Settings. We want to enable the Show Hidden Files setting. As stated above, we need to create the challenge file inside the directory .well-known/acme-challenge. Since the .well-known directory starts with a dot, it is a hidden directory. Therefore, unless we enable the Show Hidden Files setting, we won’t see directory or folder we are creating. Moreover, any file that we create inside the hidden folder won’t be visible, too.

Step 7B – Enable the File Manager’s Show Hidden Files setting

At the File Manager, click Settings the button.

Screenshot of cPanel File Manager showing how to open the Settings to enable the Show Hidden Files feature

The Preferences window of the cPanel File Manager with an illustration of how to enable the Show Hidden Files setting

On the Preferences windows, click the Show Hidden Files (dotfiles) checkbox. Then, click on the Save button.

Step 7C – Create the .well-known folder or directory inside the public_html folder

Screenshot of cPanel File Manager showing the root directory or root folder of the example website for obtaining a free SSL certificate

First click on public_html, and then press the Folder button.

Screenshot picture of the cPanel File Manager's New Folder window depicting how to create the .well-known folder for the acme challenge

On the New Folder window, type the folder name .well-known on the New Folder Name textbox. Verify that below the input textbox, it says that the new folder will be created in /public_html. Then click Create New Folder button. The folder .well-known should now have been created under the folder /public_html.

Step 7D – Create the folder acme-challenge under .well-known folder

Another screenshot of the File Manager with annotated steps in creating the folder name acme-challenge, a prerequisite to obtaining a free SSL certificate for a GoDaddy hosted website

Click on the newly created .well-known folder, and click the Folder button again.

Screenshot depicting how to create the folder acme-challenge in the New Folder window of the cPanel File Manager

First, type the folder name acme-challenge on the New Folder Name textbox. Below the textbox should be the message: New Folder will be created in /public_html/.well-known. Then, click on the Create New Folder button once more. See the illustration above.

Step 7E – Create the challenge file

Now, we are ready to create the challenge file. First, click on the .well-known folder. Second, click on the acme-challenge folder. And finally, click on the File button.

Image showing the created folder public_html/.well-known/acme-challenge

In the New File window, we need to enter the acme-challenge filename. Since the filename is very long and consists of random alphanumeric characters, typing it is prone to errors. Therefore, it is better to copy and paste the link from the Linux terminal: your-domain-name/.well-known/acme-challenge/7GYKjGUTJ3EnWT2iW59JTUdrGL9LOg-j0qtU-S1po4w. Afterwards, delete the leading URL name: your-domain-name/.well-known/acme-challenge. That leaves you with just the needed filename. Then click the Create New File button.

Picture showing how to create the actual acme challenge file

Step 7F – Place the challenge data into the challenge file

Now, the challenge file is already created. Notice that the file size is zero bytes. We need to edit the file and put the data that is needed for the acme-challenge. Click on the newly created file to select it, and then click on the Edit button.

Screenshot of cPanel File Manager showing the newly created acme chalenge file

Screenshot for starting the cPanel File Manager file editor to edit a file

On the Edit window, click on the Edit button.

Screenshot for the instruction on how to put the data for the acme challenge file

When the File Manager editor appears, copy and paste the challenge data from the Linux terminal. Then, click the Save Changes button, and finally, hit the Close button.

That completes the creation of the acme challenge file. Let’s go back to the Linux terminal with the Certbot program.

Step 8 – Let Certbot check the challenge file and retrieve your free SSL certificate for GoDaddy

Now that the acme challenge file has been created, we can go back to where we left off in Step 6. Open or switch to the Linux terminal running the Certbot program.

Press the ENTER key to let Certbot check the just created acme challenge file. If everything is OK, Certbot returns with a congratulatory message.

Screenshot of the congratulatory message of Certbot confirming the retrieval and storage of the free SSL certificate from Let's Encrypt for possible use with GoDaddy hosted website to convert an HTTP website to an HTTPS website

The Let’s Encrypt issued SSL certificate and its corresponding private key are located at /etc/letsencrypt/live/your-domain-name. The files are fullchain.pem for the certificate and privkey.pem for the private key file.

If you open the file fullchain.pem with a text editor, you should see something similar to this:

-----BEGIN CERTIFICATE-----

MIIFWzCCBEOgAwIBAgISBPdtQU8IWeA69uDi30ply5gbMA0GCSqGSIb3DQEBCwUA

MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD

ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA2MDIwNzExMjFaFw0y

MDA4MzEwNzExMjFaMBwxGjAYBgNVBAMTEWN5YmVyYmxvZ3Nwb3QuY29tMIIBIjAN

BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJAPvHDtU9O8b/qvUMrV481k7GSf

XMWe1EqJvqvr9rpFKxQJQ0/5vG4n5Vr7j42WRARiSgMirDHDiTZu52AW6p4alVoV

BKAqi91hJ+DSbKTA+A42haSeRVVWYieXQI01JbTsPQBYu0gRmSb8z9iUrZqW2R84

zUT6cLXkhbxQ86nkzi9Igi7sGhoNiKN5VOgWvRGs9rL1iXYwhP9TVUKHXnwPxWil

31wndBkknC4/spIVxU1X5z0Fha1Nkf8kYO6hvApilYgOR4JUnNPK+e5XfvbLCCuC

FLIWZFEimhl0C3uViyEfTOWqdwCOLHO30AUGIH9sbIsr/I80by7TIS9zsQIDAQAB

o4ICZzCCAmMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr

BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSp+QU2+X+U0tjWAnWUFXBf

lFe50DAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcB

AQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlw

dC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlw

dC5vcmcvMBwGA1UdEQQVMBOCEWN5YmVyYmxvZ3Nwb3QuY29tMEwGA1UdIARFMEMw

CAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j

cHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAXqdz

+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFydBXAuQAABAMASDBGAiEA

pY2KzRm8ODlUfEe6WkKTDCgtkdRAmP/5jbq+XA2VUZsCIQCnIxMbXFH1AKJcuIBu

ZUkw4hQAu/jzSgfHM8DeGCiKvgB2AAe3XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxh

Ohpp06IcAAABcnQVwPYAAAQDAEcwRQIgOJRLyUQwzh6sKs7D8V5KX3Utxe3973go

ZCBQQxR9VCYCIQDCGKpth5+OeJ7JTUTfULpcLU5ngo/o1RjkwP/M15ltFjANBgkq

hkiG9w0BAQsFAAOCAQEAXlNBzjP3xw/RLH+6xyEH/+7tgD7AQ0UX76ZoqsRI+5+r

C/LVmzty9ID/Bk0DnpsYQ3KBJ7a+Iq8/if+J4qqkvLaKPedYwzo4hCvs1PAe3y7E

NTvQVAgOxhOOmLOwMLkkNhrnSqHhoY871adfV8mQ2NoNhDuZs1wDm6kP/YQbgyKO

hWk9OA1xf1M1qzKq3BKXau7s+Hhot/SshZXSKmRqsl9CPNL4I6jgS7coc16JTqed

WX0oZcL8oLIt6GBDcf9bjf1uzEqDqOW2LVhXz3cAapc/oe2jQZEIRi3aZOw6K0l9

0gUL/AfEdkVVMDgjSPbphoadZOy/Qy4MNJHDRk7JzA==

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/

MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT

DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow

SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT

GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC

AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF

q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8

SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0

Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA

a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj

/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T

AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG

CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv

bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k

c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw

VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC

ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz

MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu

Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF

AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo

uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/

wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu

X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG

PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6

KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==

-----END CERTIFICATE-----

Opening the privkey.pem will give you this:

-----BEGIN PRIVATE KEY-----

MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDMkA+8cO1T07xv

+q9QytXjzWTsZJ9cxZ7USom+q+v2ukUrFAlDT/m8biflWvuPjZZEBGJKAyKsMcOJ

Nm7nYBbqnhqVWhUEoCqL3WEn4NJspMD4DjaFpJ5FVVZiJ5dAjTUltOw9AFi7SBGZ

JvzP2JStmpbZHzjNRPpwteSFvFDzqeTOL0iCLuwaGg2Io3lU6Ba9Eaz2svWJdjCE

/1NVQodefA/FaKXfXCd0GSScLj+ykhXFTVfnPQWFrU2R/yRg7qG8CmKViA5HglSc

08r57ld+9ssIK4IUshZkUSKaGXQLe5WLIR9M5ap3AI4sc7fQBQYgf2xsiyv8jzRv

LtMhL3OxAgMBAAECggEBAMkVG8LbJw/t5SAWRlue554kev688sJZKIX6N2kMyskf

1XpBGdHnPdByYBle1EYKohl+Tbf/WQf3awToUyByHlTG0c7aXCrN3sTZ+vUeVPqj

AWVVY1b/uOzitCWMUWwM4p+MN2THgHGoqFPqNT2C4rO8cGhB/q4ZDi3ZPygPM2ww

ZILdbtRdVh7eL01gNkO99z8p44bgHtARLbNI2OQSXpa6MbC7UajGjrfOtz8i8ZZF

ISRkngaJ3RwmXfFOawggQe2FYG4ZwGgZg9aeyeOOIDkCgYEA88hS+YcRpfZxnRnE

WDTdSpzIqzCyb7yjF8plquD0qcBpsCnA7t3oADe9tavuBY8Ps6B/4eZcgNKm8lRj

nj7MqXqKY6lZ5Bd94dh4HwMgyP1y2NjdFEUa/fxu3wE/bd8h20ywlK25OoR8IwZ6

1Rsr8pHyYf4IpJVuSZNkPb4dDisCgYEA1tCOaEt4yeLBtj0S6tfgiTwSyyuhHO5K

vZmVb+lV386AVbGWJCRFcn+ALcjgs7tqwp7jeC3S/gNjlxj0on0zXjjc/mkrUQ8X

n+ozcvmAZKK7dzcIXXpP/HvlJQI7js+HGxA7tlAkpGCoONt0QTeSpQO9sjUenBdN

oX5nlAzpc5MCgYBXFG2fOIIzWE7JIVUjdO6/IjYEAIccprNTYjbizSxYHqUiCigi

qx2eRkr7xAhn7+xZ67ECjnjog1ajJUXYVvJgb6dTZkD32vRaYiq2WTWy1eXaU8zU

2sKDi1JHUnjH1HaRkVlaIpwRrRVypXPm/6e5JC0Cl+2abM5SddXOwEQ8tQKBgQCw

sBBCJrmuTK4KiEeUFIZiOqA2rqcxVaryMm5hA2qX0JFsaspU5eSdXdP/VLfF/cS9

WdU9l2txdTYoJOWq9RIYUOss8zIm1SQYa5lv21rI67UIRKLDyIQb54g9nY2BVJ8L

GpoSxe6tqbcUNSV1MxGSWvZfqyOHPf+jcoYdl1U5swKBgQDSqg1+4cDBQDmeg3mh

XT9n5G8ypV5h29CanIIPp2AGa2pS7pLyCX53Zhus7/+fg0ZSM+d1IDmkL2Q6/jkU

eF3PCIyQCOPpBLzjR2oDYmxWRdsb334Nfpk0uUbL9sJNVgkGTSknOymvnYsf5nF4

RTeAvL5x0+JQ7nY9ZzPHwKpdTg==

-----END PRIVATE KEY-----

Summary on How to Get a Free SSL Certificate for GoDaddy

In conclusion, to get a free SSL certificate for a Godady hosted website, install and run Certbot. Then, Certbot will ask you to place a challenge file in your website to prove that you are the owner of the site. If it finds the challenge file in its proper place, it retrieves a free certificate from Let’s Encrypt. However, the certificate is only valid for three (3) months.

THE NEXT STEP

Now, for the next step, see How to Install SSL Certificate in GoDaddy

References on How to Get a Free SSL Certificate for GoDaddy

Let’s Encrypt – A service providing free SSL certificates. A project of the Internet Security Research Group.
Certbot – A Linux tool for acquiring and installing SSL certificates from Let’s Encrypt.
Electronic Frontier Foundation – Creator of Certbot.