I purchased a domain and hosting through hostgator and I’m trying to get SSL for it. I went into the SSH and ran all the commands it said to on the website (gethttpsforfree.com), but when I get to step three, I run the commands and copy over all four hex codes, however when I hit validate it just say errors and tells me to go back to step one.
I tried using certbot previously but couldn’t figure out how to get that to work either. I can generate the public key and CSR no problem. I also checked to see where it was putting account.key, and it is right in the main directory with all the other main folders (so ./account.key should be correct). Any ideas?
(Basically you will have to pay Hostgator $10 for the initial installation and then $10 every 3 months for renewals. At least with the shared hosting.)
Thanks for the answer! I want to ZeroSSL on step three it asks me to put the files in the “webroot/.well-known/acme-challenge/” directory. I can’t seem to find that on the web server. Do I need to just make it?
Also, I need to just make two text files and put them in that? What do I call them?
It is actually a 2nd step (Verification) that does indeed ask for verification files to be created (if HTTP verification method was selected). The name and the content of the file are actually given on the page (see values for the "File" and "Text"). For example, you might see something like:
That means the file named "gd03MVyGNocNAlh3Wa2M" with the content of "gd03MVyGNocNAlh3Wa2M.BxH4BWTQgqZwPGYxi7DX" (without quotes) should be put in directory .well-known/acme-challenge under "webroot". As page mentions, "webroot" is basically the main directory with your website pages.
Creating the directory is as simple as running
mkdir -p ./.well-known/acme-challenge/
while being in that "webroot". And then, creating a required file could be done similar to:
So the hardest part in HTTP verification for you is to know where your "webroot" really is. You could probably use your FTP client as well to create those files and folders. Alternatively, you can try DNS verification (which does not require working with files, but requires creating a TXT record in your DNS).
I have a similar problem when using ZeroSSL. I created folder “.well-known/acme-challenge/” and put the suggested text file in it. However, since I am not allowed to altered the settings on the web hosting server, the access to the file is denied. I guess it is because the “.well-known” folder is hidden under Linux environment. What would you suggest? I do not have a full control over the server. I can only FTP and manage it via web browsers. I wish the folder was not hidden.
Thanks for the reply. I know about the period making it hidden. I tried adding .htaccess in both directories with
Order allow,deny
Allow from all
I’m not sure whether that is how it should be done or not and has something to do with the master access control or something. Anyway, it still gave me the 404 error.
As I said, I don’t have the full control over the server since it is a web hosting service. T__T
I’d start by just checking the .well-known directory,
What are the permissions on this directory ? ( 755 ? ) and if you place a plain text file in that directory, with permissions 755, can you access it from the web ?
@kaptanteo Since you said that you have even created am index.html and still getting 404 (Not found, rather than 403 - forbidden), the issue might be that .well-known is not created in the right place. As I mentioned above, you need to be in your “webroot” folder (basically the top folder of where your pages are) and use “mkdir -p ./.well-known/acme-challenge/” to create a proper directory. Then a file should be put into it. Please make sure that you have created the folders correctly. If it still doesn’t work, you can use a contact form on ZeroSSL, and I could try helping you directly.
@leader Of course, the folder is in the webroot. I tried renaming hidden .well-known to visible well-known and could access the test index.html just fine. I will try to contact you via the ZeroSSL. Thanks a lot.
