I use a bash script ( https://github.com/srvrco/getssl ) rather than the full LE script, or the website version I linked above.
First generate the certificate. I’m not sure how much instruction you need on that. If using the script above, copy the script to your server.
getssl -c your_domain_name.com
will then create a default set of config files for you.
then edit the config file getssl.cfg (I’m not sure if you prefer nano or vi or something else as an editor )
You will need to specify the correct ACL locations. If it’s for the server itself then it would be /usr/local/apache/htdocs/.well-known/acme-challenge if it’s for a domain hosted on there then it would be /home/username/public_html/.well-known/acme-challenge or you could use a DNS challenge …
and it should create the certificates for you in the ~/.getssl/your_domain_name.com folder.
Log into your WHM > Manage Service SSL Certificates ( for server level) or into cpanel for hosted domain level. and copy / paste the three certificates ( private key, domain certificate and Certificate Authority Bundle ) into the three boxes. Select the service you want it to apply to;
( Calendar, cPanel, WebDisk, Webmail, and WHM Services ,
Courier (IMAP) Mail Server
Courier (POP3) Mail Server
Exim (SMTP) Server
FTP Server )
Check in /etc/httpd/conf/httpd.conf for where it links to the correct certificates ( by default for server level I think it’s ;
You can then place these three certificate locations in the config file for the bash script if using that - and it can then auto renew, without you needing to perform the manual step )
Alternatively, search for “cpanel” on this forum, and I’m pretty sure there are some links to scripts specifically written for cpanel. I haven’t used them though, as I use the above bash script, so can’t verify how well they work.