How to Set Up a Let’s Encrypt SSL Certificate for Your WordPress on a ServerPilot Free Account

We will show and guide you How to set up a Let’s Encrypt SSL Certificate for your WordPress with a Serverpilot Free Account.

What is SERVERPILOT.IO? For us, this is one of Easiest Manage VPS Server via Website. Just Add Server and little bit configuration and done. ServerPilot super easy to use. And for Free Version there are many limitations, on Free Account you didn’t go any Server Monitoring, Only Single Server User and No Easy SSL built in on it. You need to upgrade to enjoy Easy SSL.

And after we Chit-Chat with my Friend, he sent us a link to Setup LetsEncript SSL Certificate on ServerPilot Free Account easily. We only need to login to our server via SSH and do a little bit command and done 🙂

Before we started a little bit about Let’s Encrypt and why we choose it.  Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG).

The key principles behind Let’s Encrypt are:

  • Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
  • Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
  • Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
  • Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
  • Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
  • Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.

Simply put, they enable you to get SSL certification for your Website to offer full encryption between your website and your visitors without paying a single cent for the Certificate.

Easiest Way Install LetsEncript on ServerPilot Free Account WordPress Site 01
Easiest Way Install LetsEncript on ServerPilot Free Account WordPress Site 01

Original Tutorial Come from this site and I tweak it and make it more easiest to understand. Let’s Go!.

  1. Login to your Server via SSH and when success the begin do this first command
    sudo git clone https://github.com/letsencrypt/letsencrypt

    Then

    cd letsencrypt
  2. Next, is Stop NGINX Web Server by using this command
    sudo service nginx-sp stop
  3. After NGINX Web Server successfully stop then let’s began install SSL Certificate by using This Command
    sudo ./letsencrypt-auto certonly --standalone-supported-challenges tls-sni-01 -d pakdhw.com -d www.pakdhw.com
  4. Success? Then now it’s a time to Start NGINX Web server again by using this command
    sudo service nginx-sp start
  5. Now the important step, we need a litle bit edit on nginx conf. Just write down this command
    cd /etc/nginx-sp/vhosts.d

    If didn’t work, you need SUDO by using this command before that command

    sudo su
  6. Next you need add SSL config, but before you add this config. Goes to you Web Panel ServerPilot and check your app name.
    App Name on ServerPilot
    App Name on ServerPilot

    Example my App Name is pakdhw. Then I write this SSL Config like this

    sudo vi pakdhw.ssl.conf

    And write down this Code

    server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name  pakdhw.com www.pakdhw.com;
    ssl on;
    
    # letsencrypt certificates
    ssl_certificate /etc/letsencrypt/live/pakdhw/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/pakdhw/privkey.pem;
    
    #SSL Optimization
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:20m;
    ssl_session_tickets off;
    
    # modern configuration
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
    
    # OCSP stapling
    ssl_stapling on;
    ssl_stapling_verify on;
    
    # verify chain of trust of OCSP response
    ssl_trusted_certificate /etc/letsencrypt/live/pakdhw/chain.pem;
    #root directory and logfiles
    root /srv/users/serverpilot/apps/pakdhw/public;
    
    access_log /srv/users/serverpilot/log/pakdhw/pakdhw_nginx.access.log main;
    error_log /srv/users/serverpilot/log/pakdhw/pakdhw_nginx.error.log;
    
    #proxyset
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-SSL on;
    proxy_set_header X-Forwarded-Proto $scheme;
    
    #includes
    include /etc/nginx-sp/vhosts.d/pakdhw.d/*.nonssl_conf;
    include /etc/nginx-sp/vhosts.d/pakdhw.d/*.conf;
    }

    Please Replace pakdhw and domain with your own Domain and App name. And save your work with escape then !wq

  7. Don’t forget to restart your NGINX Webserver using this command
    sudo service nginx-sp restart
  8. And now make it more easely by install this tiny plugin. Plase note, this is my personal advice is to install and activate the Really Simple SSL Plugin. It is maintained and helps you with avoiding problems in WordPress with SSL.
  9. Please Note Let’s Encrypt SSL Certificate need to Renew each Three Month. So let’s make it automatically by add to crontab by using this command then
    sudo crontab -e

    begin to write this code

    @monthly /root/letsencrypt/letsencrypt-auto certonly --renew-by-default --webroot -w /srv/users/serverpilot/apps/pakdhw/public -d pakdhw.com -d www.pakdhw.com

    And Save it.

  10. And Done, last, check your SSL using this website (SSL Labs)
  11. Found any issues? Tell us 🙂

Thanks for many Source about this Tutorial and have a nice day.

Before we end this tutorial, here is why Server Pilot is nice VPS Tools.

  • Software Installation – ServerPilot installs all of the software your server needs, including PHP, MySQL, Nginx, and Apache.
  • Firewall Configuration – ServerPilot secures your server with an iptables firewall.
  • Automatic Updates – ServerPilot keeps your server’s packages updated.
  • Simple Control Panel – ServerPilot’s control panel makes it easy to host multiple sites on a server, manage databases, change PHP versions, deploy SSL and more.
  • Stats and Monitoring – ServerPilot provides stats and monitoring for your servers and apps.
  • Professional PHP and WordPress Hosting – ServerPilot’s Free plan provides everything you need for secure, reliable hosting on your server. Our paid plans offer additional features that may be helpful to you as your business grows.

Leave a Reply

Your email address will not be published. Required fields are marked *