How do I add a free Let's Encrypt certificate?

Before adding the certificate

Make sure your DNS points to DreamHost. This means that your Nameservers should be pointed to DreamHost, or your A records should be pointed to your domain's IP address (assuming your Nameservers are at a different company).

This is because 'Let's Encrypt' adds a .well_known/ folder to your site to authenticate the certificate. If your site's DNS is not resolving to DreamHost, the certificate cannot create this folder and authenticate.

Additionally, certain .htaccess rules such as IP blocking, rewrite rules, and password protection may cause the installation to fail. To play it safe, rename your .htaccess file (to something like .htaccess_OFF) in order to turn it off temporarily. Then, install the certificate. Once installed, you can rename the file back to .htaccess.

If disabling your .htaccess breaks your site, then add the following rule which should allow the installation to process:

RewriteRule ^.well-known/(.*)$ - [L]

Adding the certificate

  1. Navigate to the (Panel > 'Domains' > 'Secure Hosting') page. The top section titled 'Active SSL certificates' lists any active SSL certificates for your domains.
    The next section titled 'Add a new SSL certificate' lists three options to add an SSL to your domain:
    SSL panel 01.png
  2. Click the 'Add' button next to Let's Encrypt SSL.
    SSL panel 05.png
  3. From the dropdown, choose your domain and if you wish to purchase a Unique IP address.

    In order for a domain/subdomain to show in the dropdown menu, it must be set as 'Fully Hosted', 'Mirrored', or 'Parked'.

  4. Then click the 'Add now!' button.
    A Success message displays confirming the purchased certificate:

Test if the SSL certificate is working

The certificate is now installed on your domain. Visit the secure URL of your website at:

      • https://example.com
Install_Comodo_Cert_08.png

You can see the browser bar shows a lock icon confirming the connection is secure.

If you just installed the certificate, you may need to wait a few hours for it to update online.

 

How do I change my current SSL certificate into a Let's Encrypt certificate?

  1. Navigate to the (Panel > 'Domains' > 'Secure Hosting') page.
  2. To the right of your domain, click the 'Change' link.
    SSL panel Let's Encrypt.png
  3. Choose the option to add a 'Let's Encrypt' certificate.
  4. Check the box to agree to the terms of service.
  5. Click the Save changes now! button.

In a few hours your new certificate is automatically installed.

Forcing your site to load HTTPS be default

Even after you have added the SSL certificate to your site, visitors will not be able to use it unless they manually type in 'https' before your domain name. This defeats the purpose of adding it in the first place since the certificate is meant to protect all of your website traffic.

There are several ways to fix this. View the following article for instructions on how to create a configuration file to redirect all visitor traffic to the secure version of your URL (https).

Redirecting to the HTTPS version of your URL only works for the same domain. This means that you can only redirect from http://example.com to https://example.com

Is it NOT possible to redirect to a different domain. For example: http://example1.com to https://example2.com would not function with a 'Let's Encrypt' certificate.

See also

Did this article answer your questions?

Article last updated PST.