cPanel ACME SSL Installer

cpanel-acme-ssl-installer is a cross-platform Node.js CLI for issuing Let's Encrypt SSL certificates and installing them directly into cPanel shared hosting accounts. It is built for developers, agencies, and hosting users who need a practical AutoSSL alternative for cPanel with support for wildcard SSL, dns-01, and http-01 validation.

Features

• Interactive CLI with the cpanel-acme-ssl command
• Works on Windows, macOS, and Linux with Node.js 18.17+
• Connects to cPanel and lists available domains
• Saves reusable cPanel accounts locally
• Supports dns-01 and http-01 challenges
• Supports wildcard certificates through dns-01
• Can auto-create DNS TXT records through cPanel when zone editing is available
• Can auto-upload HTTP challenge files through cPanel Fileman when available
• Installs the issued certificate and CA bundle into cPanel automatically

Best For

• cPanel shared hosting accounts that do not include free AutoSSL
• Let's Encrypt SSL installation on shared hosting without leaving the terminal
• Wildcard SSL certificates on cPanel using dns-01
• Hosting teams and agencies managing SSL for multiple cPanel accounts

Why This Exists

Some shared hosting plans do not include free AutoSSL or make SSL management harder than it needs to be. This project gives users a guided CLI workflow for Let's Encrypt on cPanel, so they can issue and install certificates without manually juggling ACME steps, DNS records, or SSL uploads.

Requirements

• Node.js 18.17 or newer
• A cPanel account with access to SSL installation
• Domain information access in cPanel
• Zone editing access if you want automatic dns-01 setup
• File Manager upload access if you want automatic http-01 setup

Install

Install globally from npm:

npm install -g cpanel-acme-ssl-installer

Run the CLI:

cpanel-acme-ssl

For local development in this repository:

npm install
npm start

To test the packaged CLI locally:

npm link
cpanel-acme-ssl

What It Automates

• ACME account and order handling through Let's Encrypt
• Domain discovery from the target cPanel account
• DNS TXT record creation for dns-01 when cPanel zone editing is available
• HTTP challenge file upload for http-01 when Fileman access is available
• SSL certificate, private key, and CA bundle installation into cPanel

Usage Notes

• The CLI requests production Let's Encrypt certificates and installs the matching CA bundle in cPanel.
• Wildcard certificates require dns-01.
• In wildcard mode, the CLI auto-fills example.com and *.example.com from the base domain you provide.
• If cPanel automation is unavailable, the CLI falls back to manual DNS or HTTP challenge instructions.
• The installer appends the appropriate Let's Encrypt root certificate so cPanel receives a complete CA bundle.

Security

• Saved cPanel accounts are stored in the current user's home directory, typically ~/.cpanel-acme-ssl/accounts.json on macOS and Linux.
• Credentials are currently stored as plain text, so use this only on machines you trust.
• API token support and encrypted secret storage are still recommended future improvements.

Publish Checklist

1. Run npm install.
2. Run npm run check.
3. Optionally run npm pack --dry-run to inspect the publish contents.
4. Run npm login.
5. Run npm publish.

The package publish whitelist only includes the CLI source plus the standard npm metadata files.

Roadmap

• Save issued certificates for renewal workflows
• Add scheduled renewal support
• Add encrypted credential storage and API token support

Maintainer

• Author: Musab Hussain <info@optify.studio>
• Team: Optify Studio