Seriously..? Oh my.. That's just criminal.
In any case, adding it manually isn't that hard. Unfortunately, it would be someting which has to be done every 90 days (preferably earlier, about after 60 days to be on the safe side if something goes wrong!). That's why Let's Encrypt hammers so hard on automation. ZeroSSL certs are also short-lived, unless you'll willing to pay them too.
Anyway, you already have certbot installed on your computer, so why not get a free Let's Encrypt certificate, right?
The only difference this time is: earlier you ran certbot with
certbot certonly --standalone, now you're going to use
certbot certonly --manual. To make it easier on yourself, you can already enter some information for certbot on the command line too:
certbot certonly --manual -d axtwerfen.de -d www.axtwerfen.de
It will ask you something like this:
Create a file containing just this data:
And make it available on your web server at this URL:
It won't be those exact values, but different, but you just got to do what certbot is asking of you: make a extensionless file with that content at the top and rename it to the value after
/acme-challenge/ in the URL at the bottom.
Use whatever method you're regularly using to upload files to your webhosting. For example, you might use your hPanel like the guide for ZeroSSL is doing or you might be using FTP. It doesn't matter, as long as you put the file in the right directory (
/.well-known/acme-challenge/) of your site.
When you've uploaded that file, you should try to open that URL and check if you can access it. It should give that weird value you've put into it in your browser.
If you can open the URL in your browser, you can press ENTER to continue as asked by certbot. DON'T press enter before the file is accessible in your browser!
After you've pressed enter, you'll need to do the same for your
When both challenges have succesfully completed, certbot should have saved your brand new Let's Encrypt certificate and private key in
There you can upload the contents of
cert.pem as "Certificate (CRT)",
privkey.pem as "Private key (KEY)" and
chain.pem as "Certificate authority bundel (CABUNDLE)" in your hPanel.
By the way, you might want to check your websites configuration in general. If I go to http://axtwerfen.de (without the www) I just get the text "It works!" as a response, but when I surf to http://www.axtwerfen.de I can see your actual site? This might also prove a problem for getting a certificate for the
axtwerfen.de hostname without the
www, if Let's Encrypt can't reach the special file you've created earlier.