Description
Auto-Install Free SSL
It is the 1st WordPress Plugin that Automatically issues and installs Free SSL Certificates.
Letâs Encrypt⢠SSL Certificate is FREE. But they provide it through their API. If you are not a programmer, you need to study and practice programming for years to be able to use the API of Letâs Encrypt⢠to generate a single Free SSL Certificate for your WordPress website.
Here is where âAuto-Install Free SSLâ comes into play. With this WordPress plugin, you can generate the Letâs Encrypt⢠Free SSL Certificate with ease! You donât need to have programming or coding experience to set it up. All you need is a few minutes. Yes! You read it right!
171,500+ DOWNLOADS
Minimum System Requirements
- Linux hosting (windows hosting is not supported at this time)
- WordPress 4.1
- PHP 5.6
- OpenSSL extension
- Curl extension
- PHP directive allow_url_fopen = On
FREE PLUGIN FEATURES
- Generate and renew Free SSL Certificate.
- One-click Download the generated SSL certificate, Private key, and CA Bundle files.
- Video tutorial on cPanel: (1) How to upload HTTP-01 challenge files to verify domain ownership. (2) How to Install the Free SSL Certificate.
- Written tutorial on Plesk for the above two topics.
- One-click Force SSL activation, i.e., HTTPS redirect, fix insecure links and mixed content warning, display the padlock in the browserâs address bar with ONLY ONE CLICK.
- One-click revert to HTTP if required.
- Automatic renewal reminder by email before the SSL expiry.
Â
Use this plugin only for HTTPS redirects too
If your WordPress website has an SSL certificate installed and you are looking ONLY for Force SSL activation (i.e., HTTPS redirect, fix insecure content), you can use the FREE version.
PREMIUM PLUGIN FEATURES
- Automatic Verification of Domain Ownership.
- Automatic Generation of Free SSL Certificate.
- Automatic Installation of Free SSL Certificate (cPanel is required for automation). [If you don’t have cPanel, we’ll Install the SSL manually for the first time and provide documentation on how to install SSL manually].
- Automatic Renewal of Free SSL Certificate (30 days before expiry).
- No need to set the Cron Job manually. It works by default.
- One-click Force SSL activation.
- One-click revert to HTTP if required.
- One-to-one Premium Support.
- Automatic WildCard SSL certificate for free! (Generation and installation of an SSL certificate for a domain that covers all its sub-domains.)
- Automatically sets the DNS TXT record to verify the domain and generate WildCard SSL (supported DNS service providers: Cloudflare, Godaddy, Namecheap, and cPanel.)
- Supports Multisite.
- Works on all the websites hosted on a cPanel / web hosting.
- SSL installation training for non-cPanel websites.
- You can revoke any SSL certificate and change your Letâs Encrypt⢠account key if you need it.
Benefits of installing an SSL certificate on your WordPress website
-
Protect your usersâ data: If an SSL certificate is installed, your WordPress websiteâs data travels through the internet with 2048-bit (or more) encryption. No computer or hacker in-between can read your usersâ encrypted data. Only the intended recipient (usersâ browser or your server) can decrypt and read the encrypted data. The data may be credit card-like critical payment details, user input with a contact form, or a simple login form.
-
Display PADLOCK: Installing an SSL certificate is not optional anymore, even if your WordPress website doesnât accept credit cards. Since July 2018 with the release of version 68, Google Chrome started to mark all HTTP (no SSL) websites as âNot secureâ, even if it doesn’t accept user input. All other browsers followed the same path. All the browsers display a secured PADLOCK in the address bar when users visit an SSL-secured website.
-
Boost the Search Engine Ranking: Google and other search engines aim to create a secure web. So the search engines now favor SSL-secured HTTPS websites and discourage insecure ones in the search results. If your WordPress website doesnât have an SSL certificate installed you are missing something big, in terms of SEO and staying away from potential customers.
-
Gain the trust of your users: If users see the secured PADLOCK and HTTPS connection in the URL, they are assured that your website is secured. Now you are gaining the trust of your potential customers. They are confident to purchase your product or service.
Support and Report a Bug
Please check the existing topics in the WordPress support forum before creating a new topic for support or reporting a bug.
âAUTO-INSTALL FREE SSLâ IN YOUR LANGUAGE?
If you would like to translate in your language, translations can be added very easily here.
Credits
- Let’s Encryptâ˘
- I developed this plugin based on the PHP client/app âFreeSSL.tech Autoâ, which I developed with a massive rewrite of Lescript.
- cPanel
Let’s Encrypt⢠is a trademark of the Internet Security Research Group. All rights reserved.
Screenshots
Admin Menu of 'Auto-Install Free SSL' The first step to generating a Free SSL Certificate Second step: verify domain by uploading the challenge files Final step: download the generated SSL files and install on the server Only step [Pro]: one-click installation of Free SSL Certificate SSL certificate has been generated and installed with a single click [Pro] Information of the installed SSL from the browser The SSL will be automatically renewed before expiry [Pro] Email confirmation when the plugin automatically renew and install a free SSL certificate [Pro] Activate Force HTTPS and get the padlock with one-click Automated email with a link to revert to HTTP Revert to HTTP option in the plugin's dashboard
Installation
(Please check the Details tab for MINIMUM SYSTEM REQUIREMENTS.)
Video Tutorial: [cPanel] How to install the plugin and generate & install a Free SSL Certificate for your WordPress website
AUTOMATIC INSTALLATION (POPULAR AND EASIEST)
- Log in to the dashboard (backend/ admin area) of your WordPress website.
- Then navigate to the âPluginsâ menu in the sidebar, and click the âAdd Newâ option.
- In the âSearch pluginsâŚâ field type this keyword: âAuto-Install Free SSLâ or, you may type âAuto-Installâ too.
- Once you found this plugin, you can click âMore Detailsâ and then click the âInstall Nowâ button.
- Finally, click the âActivateâ button.
Now, check the AFTER ACTIVATION section below.
MANUAL INSTALLATION
- Download the âAuto-Install Free SSLâ plugin zip file by clicking the âDownloadâ button at the top-right of this page.
Now check either the cPanel or FTP section below. If your web hosting control panel is other than cPanel, the steps are similar to cPanel.
cPanel
- Log in to your cPanel and click the âFile Managerâ menu.
- Browse to the document root of your WordPress website and then open the
/wp-content/plugins/
directory. - Click the âUploadâ menu at the top.
- You see a new window. Drag and drop the pluginâs zip file. It will be uploaded in a few seconds (depending on the speed of your internet connection). Click Go Back to â/home/username/public_html/wp-site-document-root/wp-content/pluginsâ link at the bottom.
- Right-click on the pluginâs zip file and click âExtractâ and then click the âExtract Filesâ button. After complete, you get Extraction Results. Click the âCloseâ button here.
- Click the âGoâ button (at the top-left) to refresh the directory structure. You see the âauto-install-free-sslâ directory here.
- Now check the point-number 2 below.
FTP
- Extract the pluginâs zip file to your computer. You see a folder âauto-install-free-ssl.3.0.3â (youâll see the latest version in place of 3.0.3) and inside it, the âauto-install-free-sslâ folder. You need to upload this.
- Log in to your web server with your favorite FTP client (e.g. FileZilla).
- Browse to the document root of your WordPress website and then the
/wp-content/plugins/
directory. - Upload the âauto-install-free-sslâ folder here.
- Now check the point-number 2 below.
2.- Log in to your WordPress dashboard and go to the âPluginsâ page. You see âAuto-Install Free SSLâ is listed here. Click the âActivateâ option here. Youâre done!
AFTER ACTIVATION
After activating âAuto-Install Free SSLâ youâll be redirected to a page (powered by freemius) where we request you to opt-in to our security & feature update notifications and non-sensitive diagnostic tracking. We appreciate your help in making the plugin better by letting us track a few non-sensitive usage data. Youâll get links there to learn about this in detail. Then you may or may not allow us to opt-in as per your wish.
Â
How to generate a Free SSL Certificate
Generating a free SSL certificate is very easy and straightforward. Please follow the steps below:
- After the previous step, youâll be redirected to the Generate SSL page (in most cases). Otherwise, navigate to the âAuto-Install Free SSLâ menu in the sidebar, and click the âGenerate SSLâ option. Screenshot here.
- On the next page, i.e., the âGenerate Free SSL Certificateâ page, read & agree to the Let’s Encrypt Subscriber Agreement and FreeSSL.tech Terms of Service & Privacy Policy by clicking the relevant checkboxes. Then click the âGenerate Free SSLâ button, and in the confirmation dialog box click âOKâ. Screenshot here.
- Wait a few seconds. Then you see the second step: âVerify Domainâ. Please check the screenshot. You have two methods, HTTP-01 and DNS-01, to verify your domain ownership. You need to complete any one method. Here we are discussing the HTTP-01 method only. Because it is the most popular, easiest, and most time-saving method.
HTTP-01
HTTP-01 tab is selected by default. Please follow these steps:
- Log in to your web server with an FTP client (e.g. FileZilla) or the file manager of your web hosting control panel.
- Browse to the document root of your WordPress website. It will be like:
/home/username/public_html/wp-site
. Create a directory â.well-knownâ and create another directory âacme-challengeâ inside the â.well-knownâ directory. - Click the links âChallenge File 1â and âChallenge File 2â to download the HTTP-01 challenge files. Please remember that if the www. alias of your WordPress website doesnât point to your web server (i.e., offline) you get only one challenge file.
- Upload the downloaded challenge files to the âacme-challengeâ directory.
- Uploaded files should be available at âLink 1â and âLink 2â. Please click the links. The content/text of the links should EXACTLY match the content of the downloaded files. If it matched correctly, then click the âVerify Domain & Get SSLâ button, and in the confirmation dialog box click âOKâ.
Now wait a few seconds and you see a free SSL certificate has been issued to your WordPress website. The page looks like this screenshot. Download the SSL, Private Key, and CA Bundle files (.pem) by clicking on the given links.
After this, log in to your web hosting control panel and install the SSL certificate on your WordPress website.
Â
How to install the SSL certificate with cPanel
- Log in to your cPanel.
- In the âSearch Toolsâ text box (on the upper-right corner) type âSSLâ (the lower case will also work).
- You get a few search results instantly. Click on the âSSL/TLSâ. (Donât click on the âSSL/TLS Statusâ.)
- On the SSL/TLS page, you get an option âINSTALL AND MANAGE SSL FOR YOUR SITE (HTTPS)â at the bottom with a link âManage SSL sites.â Click on it.
- On the next page, i.e., âManage SSL Hostsâ, you get a section at the bottom of the page âInstall an SSL Websiteâ. Here you get a form to install the SSL certificate.
- From the âSelect a Domainâ drop-down menu, select the domain of your WordPress website.
- Open the âcertificate.pemâ file (you downloaded it) in a text editor and copy all its content/text including â—–BEGIN CERTIFICATE—–â and â—–END CERTIFICATE—–â. Paste it in the âCertificate: (CRT)â text area.
- Similarly, paste all the content of the âprivate.pemâ file in the âPrivate Key (KEY)â text area.
- Then paste all the content of the âcabundle.pemâ file in the âCertificate Authority Bundle: (CABUNDLE)â text area.
- Now click the âInstall Certificateâ button and wait just a few seconds. Then you get the confirmation dialog box âSSL Host Successfully Installed.â Click âOKâ.
Â
How to install the SSL certificate with Plesk
- Log in to your Plesk control panel.
- Click the âWebsites & Domainsâ option in the left menu.
- Click on the website for which you need an SSL certificate. There are several options under it.
- Click the option âSSL/TLS Certificatesâ.
- On the next page, in the âDownload or remove existing certificatesâ option, click the âManageâ button.
- On the next page, click the âAdd SSL/TLS Certificateâ button.
- You got the âAdd SSL/TLS Certificateâ page.
- In the âCertificate Nameâ text field, write a name.
- You got a section at the bottom of the page âUpload the certificate as textâ. Here you have a form to install the SSL certificate.
- Open the âcertificate.pemâ file (you downloaded it) in a text editor and copy all its content including âââBEGIN CERTIFICATEâââ and âââEND CERTIFICATEâââ. Paste it in the âCertificateâ text area of Plesk.
- Similarly, paste all the content of the âprivate.pemâ file in the âPrivate keyâ text area of Plesk.
- Then paste all the content of the âcabundle.pemâ file in the âCA certificateâ text area of Plesk.
- Now click the âUpload Certificateâ button.
- The uploaded SSL certificate is listed on the next page.
- Again, click âWebsites & Domainsâ in the left menu.
- Click the website for which you need an SSL certificate.
- Click the âHosting & DNSâ tab and click the âHosting Settingsâ option.
- On the next page, i.e., the âHosting Settingsâ page, click the âCertificateâ selection field and select the certificate we just uploaded.
- Click the âApplyâ button and then click âOKâ.
- Congratulations! The SSL certificate has been installed successfully.
Now you can access your website with âhttps://â.
If your web hosting control panel is anything other than cPanel, the options will be different but the concept is similar.
NOTE: The free SSL certificate issued by Letâs Encrypt expires in 90 days. They recommend renewing 30 days prior to expiry. So you need to spend time repeating the process of generating and installing an SSL certificate every 60 days.
Click the âRe-generate (renew) SSLâ button to start renewing.
However, the premium version of this plugin generates (issue/renew) and installs the free SSL certificate automatically. Please check the video tutorial (1:42 min) below and see how easy it is.
Are you interested? Click here to BUY the PREMIUM VERSION.
Â
How to Activate Force HTTPS / HTTPS Redirect
After installing the SSL certificate, please perform the following steps:
- In your WordPress dashboard, navigate to the âAuto-Install Free SSLâ menu in the sidebar, and click the âForce HTTPSâ menu.
- On the next page, click the âActivate Force HTTPSâ button. The click OK.
- You’ll be logged out and redirected to the WordPress log-in page. Please log in again.
- Now refresh the website’s home page. You’ll get the padlock.
FAQ
-
How do I install the âAuto-Install Free SSLâ plugin?
-
Please check the installation tab.
-
Does installing the plugin will instantly turn my site HTTPS?
-
After installing this plugin you need to do some steps. Please check the âAFTER ACTIVATIONâ section in the installation tab.
-
My website doesn’t accept credit cards. Why do I need an SSL certificate?
-
Please check âBenefits of installing an SSL certificate on your WordPress websiteâ above.
-
How do I generate a free SSL certificate?
-
Please check the installation tab.
-
How do I install an SSL certificate on my WordPress website?
-
Please check the installation tab.
-
I have installed an SSL certificate but still donât see any PADLOCK in the browserâs address bar. Why?
-
Please visit the pluginâs default page and click the âActivate Force HTTPSâ button.
-
How do I deactivate the HTTPS redirect?
-
Please click the âRevert to HTTPâ button on the pluginâs default page.
Alternatively, open the email that you received after activating the HTTPS redirect (or Force HTTPS), and click the link given there to deactivate HTTPS redirect and revert to HTTP. The subject line of that email is â’Auto-Install Free SSLâ has activated Force HTTPS on your website YourDomain.comâ. [Replace YourDomain.com with your WordPress websiteâs domain].
-
[Pro] Why do you need my cPanel password (or API Token) when others Let’s Encrypt clients donât?
-
cPanel username and password (or API Token) is required to install the free SSL certificate automatically with the cPanel API. Let’s Encrypt SSL’s lifetime is 90 days. You need to get and install another SSL certificate before the expiration of the current SSL. If you provide your cPanel username and password (or API Token), this plugin will do this repeated job automatically. All your credentials remain safe in your database. Moreover, âAuto-Install Free SSLâ encrypts the password (or API Token) before saving in your database.
All other Let’s Encrypt clients who auto-install free SSL certificate, needs root access, which is a higher privilege than the cPanel user. In shared hosting, the root access belongs to the web hosting company. So those clients will not work on shared hosting.
-
[Pro] Does this WordPress plugin send the cPanel username and cPanel password (or API Token) to your server or to Let’s Encrypt?
-
We or Let’s Encrypt don’t collect any credentials. This pluginâs source code is open for audit. The team WordPress approved it after the audit (when the automation feature was free). Please feel free to audit yourself too.
-
[Pro] How do I create the cron job for automation?
-
You don’t need to set the Cron Job manually. It works by default (from version 3.0.0). However, âAuto-Install Free SSLâ has an option to add the cron job with one click from your WordPress dashboard (available for unlimited sites license and it’s optional).
-
[Pro] I received the confirmation email but didn’t receive the cron output by email. Why?
-
Since version 3.0.0, You can access the cron output by clicking the âLogâ menu.
If you have an unlimited site license and created a cron job manually, make sure you have provided your email address in the âCron Emailâ section of the Cron Jobs page of cPanel.
Reviews
Contributors & Developers
“One-Click Free SSL Certificate Plugin for WordPress, HTTPS Redirect – Auto-Install Free SSL” is open source software. The following people have contributed to this plugin.
ContributorsInterested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
3.1.0
- Added a new page and menu for âActivate Force HTTPSâ.
- Added a button in the header âForce HTTPSâ to easily access the option.
- Improved Generate SSL (manually) page: (1) At step 3, changed the position of the Video Tutorial âcPanel: How to Install SSL Certificateâ, so that users can access it easily. (2) Moved âActivate Force HTTPSâ option at the bottom of this page (step 3). (3) Show âActivate Force HTTPSâ option only if an SSL certificate has been generated but Force HTTPS is not activated (step 3).
- Added Tutorial content with Generate SSL (manually) page: (1) Video Tutorial âcPanel: How to upload HTTP-01 challenge filesâ (step two). (2) Written Tutorial âPlesk: How to upload HTTP-01 challenge filesâ (step 2). (3) Written Tutorial âPlesk: How to Install SSL Certificateâ (step 2).
- [Pro] Improved cPanel Settings: (1) Added clear information that users need to use either an API Token or Password. Not both. (If the license is not for unlimited websites). (2) Changed the position of the Short Video Tutorial âHow to Create API Tokens in cPanelâ, so that users can access it easily. (3) Removed âActivate Force HTTPSâ option from the cPanel settings page. (4) Fixed the issue with checking whether password is filled in, if the user opted to generate wildcard SSL certificate.
- [Pro] Added separate Support Forum URL for the premium version users, so that they don’t post at the WordPress.org Support Forum.
- [Pro] Added filter to show the contact submenu item only when the user have a valid non-expired license.
3.0.7
- Updated the Freemius WordPress SDK to version 2.4.5.
- [Pro] Improved Exclude Domains settings.
- [Pro] Fixed an issue with the function sslRequiredForFirstTime() that detects whether the plugin is generating SSL certificate for the first time.
3.0.6
- Advanced detection of the users who were using the plugin since free only version (v2).
- Changed menu icon and menu position.
- Improvement in header styling.
- [Pro] Added new function to check cPanel connectivity.
- Added new comparison table to help understand the difference between free and pro version better.
3.0.5
- Affiliate program launched – any one can join.
- Fixed an issue with PHP 8.
- [Pro] Added cPanel authentication with API Token. Users can provide API Token instead of Password.
- [Pro] Improved cPanel Settings logging.
3.0.4
- Updated the freemius WP SDK to version 2.4.4.
- Updated: keep SSL log for 90 days.
- Fixed issue with admin alerts.
- Improved the content of readme.txt.
3.0.3
- Fixed some issues for smooth upgrade from version 2 to Free version 3.
- Improved a few text.
3.0.2
- Fixed a function name conflict with Form Maker Pro plugin.
- Improved auto-detection [Pro] whether the plugin was used for multi-domain. This helps smooth upgrading to the Pro version 3 from version 2.
3.0.1
- Fixed an issue displaying the FREE Premium License offer (with admin notice) for the Existing users, who are upgrading from the free version 2.2.3 or earlier.
3.0.0
- Compatible with WordPress 6.0
- Fixed an issue displaying the âActivate Force HTTPSâ button.
- Improved âActivate Force HTTPSâ feature.
- Added a new feature to save the log for 45 days and easy access from the menu.
- Improvement in the layout.
- Fixed an issue with the parameter of function getDomainPath(), which returns the domain path.
- As per the announcement dated November 3, 2020, we are releasing the premium/pro version, which is fully automated and this free version doesn’t have any automation feature. We are offering a 6-month FREE premium license to all existing users (who are upgrading from the free version 2.2.3 or earlier). This FREE premium license is valid until December 31, 2022.
Existing users need to upgrade the free plugin to version 3.0.0, then theyâll get the option to request the Premium License for FREE. - Improved setup process [Pro] Users can set it up within one minute in the single domain mode.
- Improved cPanel Settings [Pro]
- Improved Cron job [Pro] No need to manually configure the cron job. It is activated by default with WP cron.
- Improved âIssue and install Free SSL certificateâ option [Pro] Now users can view the server-generated event messages in real-time with a terminal-like interface, with SSE.
- Improved data entry [Pro] A few essential data are prefilled automatically.
2.2.2
- Fixed conflict with âPost SMTP Mailer/Email Logâ plugin.
- Fixed an issue to make it translation ready.
- Announcement to restructure the features.
2.2.1
- Removes parameter type declaration of the function connect_over_ssl() to make the plugin compatible with PHP 5.6. This function has been added in the version 2.2.0.
2.2.0
- Adds validation with the âActivate Force HTTPSâ option. Now it works only if a valid SSL installed on the website.
- Changed the support link that appears in the footer of the admin pages.
2.1.7
- Fixed a bug with âIssue and install Free SSL certificateâ option
- Improved the layout of âIssue and install Free SSL certificateâ option
2.1.6
- Adds video guide: How to Configure this Plugin and set up Automation
2.1.5
- Fixed minor error in the file DnsServiceProvidersSettings.php that throws PHP Notice: Undefined index: use_wildcard
2.1.4
- Improves âAdd Cron Jobâ option.
- Adds two video guides: âHow to add a Cron Job in a minute on cPanel shared hostingâ and âHow to Install Free SSL Certificate on cPanel Shared Hostingâ.
- Adds FAQ.
2.1.3
- Improves Force HTTPS feature. Regenerating dynamic CSS with premium themes will include HTTPS and remove the not secure warning in browsers.
2.1.2
- Fixed a bug with the dashboard of Auto-Install Free SSL.
2.1.1
- Fixed issue with the encryption key.
- Adds admin notification and sends an email to admin in case the encryption key was changed due to a previous update.
2.1.0
- Improves internal validation (HTTP-01 challenge) – Before the domain ownership validation with Let’s Encrypt, if the payload content doesn’t match with content of the challenge URI (in internal check), attempt for automatic fix with .htaccess rules in two different ways.
- Improves cPanel Settings option.
- Improves Temporary SSL option.
2.0.1
- Fixed issues with PHP 5.6, 7.0 and 7.2
2.0.0
- Adds the option to Activate Force HTTPS and remove mixed content warning with a single click. This feature will make the padlock visible in the browser’s address bar.
- Removes the option to choose Let’s Encrypt ACME version. The plugin now uses ACME V2 only. Because V1 is reaching the end of life soon.
1.1.0
- Fixed issue with cron job
1.0.0
- Initial release