Adding a free Let's Encrypt certificate

 

Overview

This article explains the steps to add a free Let's Encrypt SSL certificate to your domain.

Every domain must have a separate certificate, which means that if you wish to add an SSL certificate, for example.com and blog.example.com, you must add them separately.

Step 1 — Preparing your domain

Before you add the certificate, you must make sure the domain is configured correctly, otherwise the installation may fail.

 

Configure hosting for your domain

Your domain must be fully hosted, redirected, or parked.

Point your DNS to DreamHost

Before installing, confirm that your domain's DNS is currently pointing to DreamHost. This is necessary because a Let's Encrypt certificate locates your domain using DNS. It then adds a .well_known/ directory to your site to authenticate the certificate. If your site's DNS does not resolve to DreamHost, the certificate is not able to authenticate.

You must point the nameservers (recommended) or the A records to DreamHost. See this article to determine the best option for your website.

Disable your .htaccess file

If your site uses an .htaccess file, it must be temporarily disabled. Certain .htaccess rules, such as IP blocking, rewrite rules, and password protection, may cause the installation to fail.

To disable the file, rename it to something like .htaccess_OFF. Then, install the certificate. Once installed, you can then rename the file back to .htaccess.

If disabling your .htaccess breaks your site, try adding the following rule, which should allow the installation to process:

RewriteRule ^.well-known/(.*)$ - [L]

Step 2 — Adding the certificate

After the DNS is pointing to DreamHost, you can then add the certificate.

  1. Navigate to the Secure Certificates page.
  2. Click the Add button to the right of your domain.
  3. On the next page, click the Select this Certificate button.

Step 3 — Testing the certificate

If you just installed the certificate, you may need to wait a few hours for it to update online. After that, you can confirm it is functioning by visiting your website's secure HTTPS URL (e.g., https://example.com).

You should see a lock icon in the browser bar, which confirms the connection is secure.

See also

Did this article answer your questions?

Article last updated PST.

Still not finding what you're looking for?