This plugin issues and installs free SSL certificates in cPanel shared hosting with complete automation. You don't need to have coding or server …
Auto-Install Free SSL
With over 350 five-star reviews ⭐⭐⭐⭐⭐, ‘Auto Install Free SSL’ is the FIRST WordPress Plugin that helps you effortlessly generate Free SSL Certificates in your WordPress dashboard.
Let’s Encrypt™ SSL Certificate is FREE. But they provide it through their API. If you are not a programmer, you need to study and practice programming for years to be able to use the API of Let’s Encrypt™ to generate a single Free SSL Certificate for your WordPress website.
Here is where ‘Auto-Install Free SSL’ comes into play. This WordPress plugin provides a hassle-free way to obtain and install the Let’s Encrypt™ free SSL certificate for your website. You don’t need programming or coding experience to set it up. With this plugin, you don’t need to spend hours configuring SSL or waste money purchasing SSL certificates. All you need is a few minutes.
406,500+ DOWNLOADS!!
Minimum System Requirements
- Linux or Windows hosting
- WordPress 4.1
- PHP 5.6
- OpenSSL extension
- Curl extension
- PHP directive allow_url_fopen = On
- The website should be assigned to a domain name (e.g., example.com) accessible online.
- Ensure your web server can serve static files – a standard feature in most web servers.
FREE PLUGIN FEATURES
- Generate and renew Free SSL Certificate.
- One-click Download the generated SSL certificate, Private key, and CA Bundle files.
- Video tutorial on cPanel: (1) How to upload HTTP-01 challenge files to verify domain ownership. (2) How to Install the Free SSL Certificate.
- Written tutorial on Plesk for the above two topics.
- One-click Force SSL activation, i.e., HTTPS redirect, fix insecure links and mixed content warning, display the padlock in the browser’s address bar with ONLY ONE CLICK.
- One-click revert to HTTP if required.
- Automatic renewal reminder by email and admin notice before the SSL expiry date.
The free SSL certificate issued by Let’s Encrypt™ expires in 90 days. They recommend renewing 30 days before expiry. Please check the FAQ section to learn why the lifetime is 90 days.
Use this plugin only for HTTPS redirects too.
If your WordPress website has an SSL certificate installed and you are looking ONLY for Force SSL activation (i.e., HTTPS redirect, fix insecure content), you can use the FREE version.
PREMIUM PLUGIN FEATURES
- Automatic Verification of Domain Ownership.
- Automatic Generation of Free SSL Certificate.
- Automatic Installation of Free SSL Certificate (cPanel or root access is required for this automation). [However, if you have neither cPanel nor root access, we’ll Install the SSL manually for the first time and provide documentation on how to install SSL manually].
- Automatic Renewal of Free SSL Certificate (30 days before expiry).
- Automatic Cron Job. No need to set the Cron Job manually.
- One-click Force SSL activation.
- One-click revert to HTTP if required.
- One-to-one Premium Support.
- SSL installation training for non-cPanel websites.
- Automatic WildCard SSL certificate for free! (Generation and installation of an SSL certificate for a domain that covers all its sub-domains.)
- Automatically sets the DNS TXT record to verify the domain and generate WildCard SSL (supported DNS service providers: Cloudflare, Godaddy, Namecheap, and cPanel.)
- Supports Multisite.
- Works on all the websites hosted on a cPanel / web hosting.
- If needed, you can revoke any SSL certificate and change your Let’s Encrypt™ account key.
(The last five features are available for the unlimited sites license only.)
If your WordPress website is hosted on a VPS or dedicated server and you don’t have cPanel, Automatic Installation of the Free SSL Certificate is still possible. Please get in touch with us after purchase.
BUY PREMIUM VERSION
Benefits of installing an SSL certificate on your WordPress website
-
Protect your users’ data: If an SSL certificate is installed, your WordPress website’s data travels through the internet with 2048-bit (or more) encryption. No computer or hacker in between can read your users’ encrypted data. Only the intended recipient (users’ browser or your server) can decrypt and read the encrypted data. The data may be credit card-like necessary payment details, user input with a contact form, or a simple login form.
-
Display PADLOCK: Installing an SSL certificate is not optional anymore, even if your WordPress website doesn’t accept credit cards. Since July 2018, with version 68, Google Chrome has started to mark all HTTP (no SSL) websites as ‘Not secure’, even if it doesn’t accept user input. All other browsers followed the same path. When users visit an SSL-secured website, all browsers display a secured PADLOCK in the address bar.
-
Boost the Search Engine Ranking: Google and other search engines aim to create a secure web. So, search engines now favor SSL-secured HTTPS websites and discourage insecure ones in the search results. If your WordPress website doesn’t have an SSL certificate installed, you are missing something significant regarding SEO and staying away from potential customers.
-
Gain the trust of your users: If users see the secured PADLOCK and HTTPS connection in the URL, they are assured that your website is secured. Now you are gaining the trust of your potential customers. They are confident to purchase your product or service.
Documentation
Please click here for the documentation.
Support and Report a Bug
Please check the existing topics in the WordPress support forum before creating a new topic for support or reporting a bug.
‘AUTO-INSTALL FREE SSL’ IN YOUR LANGUAGE?
Translations can be added easily here if you want to translate in your language.
Credits
Let’s Encrypt™ is a trademark of the Internet Security Research Group. All rights reserved.
Screenshots
Admin Menu of 'Auto-Install Free SSL'
The first step to generating a Free SSL Certificate
Second step: verify the domain by uploading the challenge files
Final step: download the generated SSL files and install them on the server
Only step [Pro]: one-click installation of Free SSL Certificate
SSL certificate has been generated and installed with a single click [Pro]
Information on the installed SSL from the browser
The SSL will be automatically renewed before expiry [Pro]
Email confirmation when the plugin automatically renews and install a free SSL certificate [Pro]
Activate Force HTTPS and get the padlock with one-click
Automated email with a link to revert to HTTP
Revert to the HTTP option in the plugin's dashboard
FAQ
How do I install the ‘Auto-Install Free SSL’ plugin?
Please click here to learn about plugin installation.
Does installing the free SSL plugin will instantly turn my site into HTTPS?
Sorry, it doesn’t. Installing the plugin and installing SSL certificates are two different processes. After installing this plugin, you need to do some steps. Please check the ‘AFTER ACTIVATION’ section in the documentation.
However, the Premium plugin installs SSL certificates with complete automation. Please check the video tutorial (1:42 min) at the top of this page and see how easy it is.
My website doesn’t accept credit cards. Why do I need an SSL certificate?
Please check the ‘Benefits of installing an SSL certificate on your WordPress website’ above.
How do I generate a free SSL certificate?
Please check the documentation. This documentation is for the free version of the plugin.
If you want complete automation, please check the Premium version’s video tutorial (1:42 min) at the top of this page.
How do I install an SSL certificate on my WordPress website?
Please click here to learn about installing an SSL certificate on your WordPress website.
FYI, the Premium version installs SSL certificates with complete automation.
I see a blank page when I try to generate an SSL certificate. How can I fix it?
Please check the log. It is located in the plugin menu. Most probably, you see an error saying ‘unable to register the account’ along with the following text in the log:
urn:ietf:params:acme:error:invalidEmail
Let’s Encrypt™ API throws this error if an invalid email was set as the admin email of your WordPress website, for example, “yourname@yourdomain.mamp” or “anything@example.com”. Let’s Encrypt™ expects we should register an account with a working email.
To fix this, please update this plugin to the latest version and try generating the SSL again. Then you’ll get a text field to update the admin email address.
Feel free to contact us through the WordPress support forum if you still need help with any issues (with the complete log).
I have installed an SSL certificate but still don’t see any PADLOCK in the browser’s address bar. Why?
Please visit the plugin’s ‘Force HTTPS’ page and click the ‘Activate Force HTTPS’ button.
After installing an SSL certificate, I clicked the ‘Activate Force HTTPS’ button. But I got this error: “No valid SSL is installed”. How can I fix it?
This is a temporary issue. You may wait 24 hours or follow these steps:
Please access your website with HTTPS (e.g., https://example.com). If you are sure that the SSL certificate is installed correctly and the padlock is visible, please log in to your WordPress dashboard, open a new tab, write the following URL in the address bar by replacing ‘www.example.com’ with your domain name, and hit enter:
http://www.example.com/wp-admin/admin.php?page=aifs_force_https&aifsaction=aifs_force_https_override&checked_ssl_manually=done&valid_ssl_installed=yes
How do I deactivate the HTTPS redirect?
Please click the ‘Revert to HTTP’ button on the plugin’s ‘Force HTTPS’ page.
Alternatively, open the email you received after activating the HTTPS redirect (or Force HTTPS) and click the link to deactivate HTTPS redirect and revert to HTTP. The subject line of that email is “‘Auto-Install Free SSL’ has activated Force HTTPS on your website YourDomain.com”. [Replace YourDomain.com with your WordPress website’s domain].
Are my website’s WWW and non-WWW versions included in the free SSL certificate?
If your website is accessible with WWW and non-WWW versions of the domain name (e.g., www.example.com and example.com) and both A record points to the same IP address, our plugin will include both versions in the free SSL certificate.
Why is the validity of the free SSL certificate 90 days? Is it a trial?
The validity period of free SSL certificates being 90 days is not a trial but rather a design choice of Let’s Encrypt™ that prioritizes security. With shorter validity periods, Let’s Encrypt™ encourages frequent certificate renewal, ensuring that websites always have up-to-date and secure certificates. This approach reduces the potential impact of compromised certificates.
The premium version of this plugin renews SSL certificates automatically. Automated renewal processes also make it easier for website owners to maintain security without manual intervention. While the 90-day validity might seem short, the automated renewal process ensures seamless and continuous protection for your website’s users.
Please click here to learn the statement of Let’s Encrypt™.
Does this plugin generate free SSL certificates for bare IP addresses (e.g., https://204.12.132.37)?
Let’s Encrypt™ issues SSL certificates for domain names rather than bare IP addresses. Free SSL certificates are designed to secure domain names, providing encrypted connections between users and websites. Using SSL certificates with domain names is considered the industry’s best practice.
If you’re looking to secure a website, it’s recommended to associate a domain name with the IP address rather than using the bare IP address. This enhances the user experience and aligns with security and usability standards.
[Pro] Why do you need my cPanel password (or API Token) when other Let’s Encrypt clients don’t?
All other Let’s Encrypt clients who auto-install free SSL certificates need root access, a higher privilege than the cPanel user. In shared hosting, the root access belongs to the web hosting company. So those clients will not work on shared hosting.
cPanel username and password (or API Token) are required to install the free SSL certificate with the cPanel API automatically. Let’s Encrypt SSL’s lifetime is 90 days. You need to get and install another SSL certificate before the expiration of the current SSL. If you provide your cPanel username and password (or API Token), this plugin will do this repeated job automatically. All your credentials remain safe in your database. Moreover, ‘Auto-Install Free SSL’ encrypts the password (or API Token) before saving it in your database.
[Pro] Does this WordPress plugin send the cPanel username and cPanel password (or API Token) to your server or to Let’s Encrypt?
We or Let’s Encrypt don’t collect any credentials. This plugin’s source code is open for audit. The WordPress team approved it after the audit. Please feel free to audit yourself too.
[Pro] How do I create the cron job for automation?
You don’t need to set the Cron Job manually. It works by default (from version 3.0.0). However, ‘Auto-Install Free SSL’ can add an optional cron job with one click from your WordPress dashboard (available for unlimited sites license).
[Pro] I received the confirmation email but didn’t receive the cron output by email. Why?
Since version 3.0.0, You can access the cron output by clicking the ‘Log’ menu.
If you have an unlimited site license and created a cron job manually, ensure you have provided your email address in the ‘Cron Email’ section of the Cron Jobs page of cPanel.
ChangeLog