### How to Install a Let's Encrypt SSL Certificate from cPanel
Let's Encrypt provides free, automated SSL/TLS certificates that you can easily install via cPanel on your gptservers.net hosting account. This process uses cPanel's built-in **AutoSSL** feature, which integrates with Let's Encrypt to issue and renew certificates automatically (typically every 90 days). If AutoSSL isn't enabled or you prefer manual installation, cPanel may offer a dedicated "Let's Encrypt" tool—check your Security section.
#### Prerequisites
Before starting:
- Your domain (and `www` subdomain) must point to your cPanel account's server IP address. Verify this via DNS settings at your domain registrar.
- Parked or addon domains included in the certificate must also resolve to the same IP, or temporarily remove them to avoid installation failures.
- DNS propagation may take up to 48 hours; ensure your site is accessible via HTTP first.
- If using third-party DNS, wildcard certificates (`*.domain.com`) require DNS hosting on your cPanel server.
If your hosting plan doesn't have AutoSSL enabled, contact gptservers.net support at support@gptservers.net.
#### Step-by-Step Installation
1. **Log in to cPanel**:
Access your cPanel dashboard at `https://yourdomain.com/cpanel` (or via your gptservers.net Client Area).
2. **Navigate to SSL/TLS Status**:
Scroll to the **Security** section and click **SSL/TLS Status**. This displays all domains/subdomains on your account.
3. **Select Domains**:
Check the box(es) next to the domain(s) or subdomain(s) you want to secure (e.g., your main domain and `www`).
4. **Run AutoSSL**:
Click **Run AutoSSL** at the bottom of the page. cPanel will request a Let's Encrypt certificate, validate ownership via HTTP-01 challenge, and install it automatically.
- The process usually takes a few minutes. You'll see a status update like "Certificate installed successfully."
- If it fails (e.g., due to DNS issues), check the error log and resolve before retrying.
5. **Verify Installation**:
- Return to **SSL/TLS Status**—the domain should show a green lock icon and "Valid" status under the **AutoSSL Domain Control** column.
- Visit `https://yourdomain.com` in a browser; you should see a padlock and no security warnings.
- Use tools like SSL Labs (ssllabs.com/ssltest) for a full report.
#### Enabling HTTPS Redirect (Recommended)
To force all traffic to HTTPS:
1. In cPanel, go to **Domains** (under the Domains section).
2. Find your domain and toggle **Force HTTPS Redirect** to "On."
- This automatically redirects HTTP to HTTPS without editing `.htaccess`.
- Save changes—it takes effect immediately.
#### Renewal and Management
- AutoSSL handles renewals automatically before expiration (Let's Encrypt certificates last 90 days).
- To manually renew: In **SSL/TLS Status**, select the domain and click **Run AutoSSL**.
- View or manage certificates: Go to **Security** > **SSL/TLS** > **Certificates (CRT)** to see issued Let's Encrypt certs (look for "Let's Encrypt" in the Issuer column).
- Limits: Let's Encrypt allows up to 50 certificates per registered domain per week—avoid frequent reissues.
#### Troubleshooting Common Issues
- **Installation Fails**: Ensure DNS points correctly; clear any parked domains not resolving to your server. Wait for propagation if recently changed.
- **Mixed Content Errors**: Update internal links/images to HTTPS in your site's code (e.g., via WordPress plugins like Really Simple SSL).
- **No AutoSSL Option**: Your host may need to enable the Let's Encrypt provider in WHM. Submit a support ticket to gptservers.net.
- **Wildcard Not Working**: Host DNS locally on cPanel; third-party DNS doesn't support the DNS-01 challenge for wildcards.
For more details, refer to cPanel's official documentation or contact gptservers.net support. This setup secures your site with HTTPS, improving SEO and user trust!
