Free SSL Certificate WordPress Plugin, HTTPS Redirect, Renewal Reminder – Auto-Install Free SSL

Please click here to learn about plugin installation.

Sorry, it doesn't. Installing the plugin and installing SSL certificates are two different processes. After installing this plugin, you need to do some steps. Please check the 'AFTER ACTIVATION' section in the documentation. However, the Premium plugin installs SSL certificates with complete automation. Please check the video tutorial (1:42 min) at the top of this page and see how easy it is.

Please check the 'Benefits of installing an SSL certificate on your WordPress website' above.

Please check the documentation. This documentation is for the free version of the plugin. If you want complete automation, please check the Premium version's video tutorial (1:42 min) at the top of this page.

Please click here to learn about installing an SSL certificate on your WordPress website. FYI, the Premium version installs SSL certificates with complete automation.

Please check the log. It is located in the plugin menu. Most probably, you see an error saying 'unable to register the account' along with the following text in the log: urn:ietf:params:acme:error:invalidEmail Let's Encrypt™ API throws this error if an invalid email was set as the admin email of your WordPress website, for example, "yourname@yourdomain.mamp" or "anything@example.com". Let's Encrypt™ expects we should register an account with a working email. To fix this, please update this plugin to the latest version and try generating the SSL again. Then you'll get a text field to update the admin email address. Feel free to contact us through the WordPress support forum if you still need help with any issues (with the complete log).

Please visit the plugin's 'Force HTTPS' page and click the 'Activate Force HTTPS' button.

This is a temporary issue. You may wait 24 hours or follow these steps: Please access your website with HTTPS (e.g., https://example.com). If you are sure that the SSL certificate is installed correctly and the padlock is visible, please log in to your WordPress dashboard, open a new tab, write the following URL in the address bar by replacing 'www.example.com' with your domain name, and hit enter: http://www.example.com/wp-admin/admin.php?page=aifs_force_https&aifsaction=aifs_force_https_override&checked_ssl_manually=done&valid_ssl_installed=yes

Please click the 'Revert to HTTP' button on the plugin's 'Force HTTPS' page. Alternatively, open the email you received after activating the HTTPS redirect (or Force HTTPS) and click the link to deactivate HTTPS redirect and revert to HTTP. The subject line of that email is "'Auto-Install Free SSL' has activated Force HTTPS on your website YourDomain.com". [Replace YourDomain.com with your WordPress website's domain].

If your website is accessible with WWW and non-WWW versions of the domain name (e.g., www.example.com and example.com) and both A record points to the same IP address, our plugin will include both versions in the free SSL certificate.

The validity period of free HTTPS certificate being 90 days is not a trial but rather a design choice of Let's Encrypt™ that prioritizes security. With shorter validity periods, Let's Encrypt™ encourages frequent certificate renewal, ensuring that websites always have up-to-date and secure certificates. This approach reduces the potential impact of compromised certificates. The premium version of this plugin renews SSL certificates automatically. Automated renewal processes also make it easier for website owners to maintain security without manual intervention. While the 90-day validity might seem short, the automated renewal process ensures seamless and continuous protection for your website's users. Please click here to learn the statement of Let's Encrypt™.

Let's Encrypt™ issues SSL certificates for domain names rather than bare IP addresses. Free TLS certificates are designed to secure domain names, providing encrypted connections between users and websites. Using SSL certificates with domain names is considered the industry's best practice. If you're looking to secure a website, it's recommended to associate a domain name with the IP address rather than using the bare IP address. This enhances the user experience and aligns with security and usability standards.

Let's Encrypt™ does not issue SSL certificates for localhost. Let's Encrypt™ certificates are intended for public domain names, which are accessible via the internet for the domain control validation (DCV) process. Since localhost is a local server and a hostname used for development, it is not publicly accessible and cannot be validated online using the HTTP-01 challenge (the most common method). After you complete developing the website in the local development environment, please do the following to secure your website with a free SSL certificate:

1. Use an existing web hosting server or hire a new one that is publicly accessible, i.e., available online.
2. Use an existing domain name or purchase a new domain name.
3. Associate the domain name with the IP address or nameservers of the online web hosting server, i.e., set A records or NS records.
4. Migrate the website from your local development environment to the online web hosting server using a Migration and Backup Plugin, like 'Duplicator'.
5. If the domain name mentioned in steps 2 and 3 is different from your local hostname, replace it with the new domain name across all database tables using a plugin like 'Better Search Replace'.

It is possible only if you can use the DNS-01 challenge for the domain control validation (DCV). However, using the HTTP-01 challenge (the most common method), it is not possible. If you map a registered domain name to a localhost IP address, it is still a localhost and can't be accessed online. This means that the domain name is only accessible from your local computer and cannot be used to get a free SSL certificate from Let's Encrypt™ using the HTTP-01 challenge. For more details, please refer to the previous FAQ.

Let's Encrypt™ issues free SSL certificates only after successful domain control validation (DCV). Let's Encrypt™ HTTP-01 challenge works by creating a specific text file with specific content in a specified directory (.well-known/acme-challenge/) of the document root of the website, as defined by the ACME standard. The file name and its content are variable. Our plugin creates this file with the specific text by automatically communicating with the Let's Encrypt™ API server, and as per their requirements. Users of the free version can download the static file and upload it to the specified directory. The premium plugin uploads this file to the specified directory automatically. It's the responsibility of your web server to make the static file available at the specific public URL. This is the standard behavior of every web server. To validate your domain control, Let's Encrypt™ API server accesses the specific URL and checks if the file's content is valid. For example, the file at the following URL: http://yourdomain.com/.well-known/acme-challenge/pqv-gjW9kF0VjktRxdqpPNK-0tLA_n5ORCzuB71-Zog   Must return this exact content or text: pqv-gjW9kF0VjktRxdqpPNK-0tLA_n5ORCzuB71-Zog.aSOSwUGmotjVbnE_hY1u-2wwHhwyl5qtPLVr4COOSQs   If your web server (or hosting provider) purposefully blocks access to such files, Let's Encrypt™ cannot validate that you control the domain, and will not issue an SSL certificate for your domain name.

Please contact your web hosting provider and ask whether they allow Let's Encrypt™ API access to HTTP-01 challenge files. Optionally, follow these steps: create two directories (i.e., folders) '.well-known/acme-challenge/' in the document root of your domain name or website. Create a static file with the following file name: pqv-gjW9kF0VjktRxdqpPNK-0tLA_n5ORCzuB71-Zog   and without any file extension inside the '.well-known/acme-challenge/' folder. Copy the following content into the file and save it: pqv-gjW9kF0VjktRxdqpPNK-0tLA_n5ORCzuB71-Zog.aSOSwUGmotjVbnE_hY1u-2wwHhwyl5qtPLVr4COOSQs   Then try to access it over HTTP like the following URL: http://yourdomain.com/.well-known/acme-challenge/pqv-gjW9kF0VjktRxdqpPNK-0tLA_n5ORCzuB71-Zog   (Make sure to replace 'yourdomain.com' with your actual domain name.) If you can see the exact file content in your browser, your server is ready. However, some hosts allow you to view the file manually in a browser but block Let's Encrypt™ API from accessing it, which also causes failures. So, the best way is to ask your web hosting provider.

All other Let's Encrypt clients who auto-install free SSL certificates need root access, a higher privilege than the cPanel user. In shared hosting, the root access belongs to the web hosting company. So those clients will not work on shared hosting. cPanel username and password (or API Token) are required to install the free SSL certificate with the cPanel API automatically. Let's Encrypt SSL's lifetime is 90 days. You need to get and install another SSL certificate before the expiration of the current SSL. If you provide your cPanel username and password (or API Token), this plugin will do this repeated job automatically. All your credentials remain safe in your database. Moreover, 'Auto-Install Free SSL' encrypts the password (or API Token) before saving it in your database.

We or Let's Encrypt don't collect any credentials. This plugin's source code is open for audit. The WordPress team approved it after the audit. Please feel free to audit yourself too.

You don't need to set the Cron Job manually. It works by default (from version 3.0.0). However, 'Auto-Install Free SSL' can add an optional cron job with one click from your WordPress dashboard (available for unlimited sites license).

Since version 3.0.0, You can access the cron output by clicking the 'Log' menu. If you have an unlimited site license and created a cron job manually, ensure you have provided your email address in the 'Cron Email' section of the Cron Jobs page of cPanel.