A bit more explanation on the ZeroSSL part, since this is likely the route you’ll want to go. If you go tho the ZeroSSL page, you’ll see an option to get a free SSL certificate; this is the option for getting a Let’s Encrypt certificate. It will work you through the steps. You can leave the account key and CSR part blank - you don’t have these yet and it will generate them for you. There are two ways to verify that you own the domain(s) that you’re getting a certificate for when using ZeroSSL: by putting a file on your web server, or by making a special DNS entry. The first option is usually easier for less technical users. On your shared hosting, you have a place where you put your website files. In this directory, you’ll create a new directory called ‘.well-known’, and then inside that you’ll create one called ‘acme-challenge’. In here, you will place a specially-named text file with specific contents. ZeroSSL will give you the file you need. Once you put it here (and verify that you can access it), ZeroSSL will interface with Let’s Encrypt to get you the certificate.
The first time, it will provide you with several pieces of information:
- An account key
- the private key for your certificate
- your certificate
- a CA bundle
Save all these, and use the account key when you renew (must be done at least every 90 days as this is how long Let’s Encrypt certificates are valid for), and paste the contents of the other files into the respective areas on your shared hosting control panel, wherever you upload certificates.