How to Order Let’s Encrypt

Note that Let’s Encrypt is currently a Beta feature and unforeseen issues and bugs might be present. Also be aware that Let’s Encrypt is something that will be reissued every three months, meaning your site can break if your site isn’t correctly configured for this. For more information about our Beta feature programs, go to this article. Servebolt provides a range of other, more robust SSL options as well.

Some checks on your end must be done before ordering a Let’s Encrypt SSL certificate. This ensures that the certificate request will be verified and the certificate can be issued. Also, keep these checks in mind when developing your site. If something you’ve changed causes these checks to fail, reissuing Let’s Encrypt every three months will break.

Installation Process

The whole process of how Let’s Encrypt gets installed for your domain is as follows:

  1. An order for Let’s Encrypt on your domain is placed
  2. A validation file is placed in your .well-known directory
  3. The file gets validated over HTTP
  4. The Let’s Encrypt certificate gets issued 
  5. The Let’s Encrypt certificate gets installed on your domain in the Servebolt Admin Panel

Prepare Your Environment for Let’s Encrypt Validation

Time needed: 10 minutes

  1. DNS

    First, be sure that your domain is pointing to our server. The verification will not go through if it isn’t. You can always find which IP or hostname you need to point to under the server login information in our Admin Panel.

    Also, check that you don’t have any AAAA and/or CAA records present for your domain. If you do, then these need to be removed.

    NOTE: If you are using CDN services like Cloudflare or Sucuri, make sure that the DNS record is set to not proxy. If you use services like this, you can use our free self-signed option as an SSL instead.

  2. .htaccess

    Check your .htaccess file and see that nothing can interfere with the validation. This mainly concerns HTTP to HTTPS redirection, so be sure that the TXT file can be validated over HTTP. If you have redirection rules in place that need to be there, then you can follow this guide on excluding .well-known from being redirected.

  3. .htpasswd

    If you’re using .htpasswd to hide your site behind a username and password then that will also interfere with the HTTP validation step. But we have also covered that in our guide on how you can bypass .well-known from that.

  4. Admin Panel redirects

    Make sure that there are no “http -> https redirect” or “Domain-based redirect” configured in the Admin Panel of your site.

  5. Plugins

    Check if you have any plugins that might interfere with SSL. If you have a plugin like Really Simple SSL for example, that can interfere with the traffic to your site. We highly suggest you uninstall plugins like this, as most of their behavior is better done on the server level.

  6. Testing the HTTP validation

    When all the steps above have been completed, you can check the HTTP validation step with a test file. Simply make a TXT file that you place in .well-known. Then check if the TXT file is visible by requesting the path in your browser over HTTP:

    Accessing SSH:

    First log into your site with SSH:
    Run command: touch ~/public/.well-known/test.txt
    In your browser type in:
    If you see a blank page and “not secure” where it should be a padlock (on the left side of your URL), you’re all set!

    Here is how you would do this using SFTP:

    First log into your site with SFTP:
    Navigate to the .well-known directory inside of your ~/public/ directory. Right-click within the .well-known directory and “Create a new file”. Call the file “test.txt” for example.
    In your browser type in:
    If you see a blank page and “not secure” where it should be a padlock (on the left side of your URL), you’re all set!

  7. Other certificates

    Check that your domain doesn’t have any certificates already enabled. If it does, deactivate it. This will render your site insecure but fear not, the Let’s Encrypt certificate should validate within 10 minutes if everything else is correct.

  8. Ordering Let’s Encrypt

    Now that you’ve followed all 7 steps, you’re ready to order a Let’s Encrypt SSL for your domain. If you are a Servebolt client already, reach out to our Support at and we’ll set it up immediately!