A daily tip for building a website for international trade: Apply for a free SSL certificate and two methods to display a security lock on your website.

SSL/TLS certificates enable your website to display a locked (HTTPS) sign in the browser's address bar, which is especially important for B2B websites in international trade: it enhances professionalism, prevents access denial, and improves trust with Google/search engines and buyers. For website building beginners, this article explains the two simplest, zero-cost methods clearly—step-by-step and replicable:

1. The main unit features one-click start (least effort required).

2. Manually apply using Let's Encrypt + Certbot (suitable for VPS / with SSH access)

The article concludes by showing you how to check if HTTPS is working , and subtly inserts the promotional information requested by the author in appropriate places.

Method 1: The host/panel has built-in SSL

Many hosting providers/control panels (such as cPanel, Plesk, BT Panel, etc.) have built-in Let's Encrypt or AutoSSL, which basically achieves "one-click activation and automatic renewal".

Beginner's Guide (using cPanel as an example; the steps are similar for other panels):

1. Log in to the control panel (cPanel) that you used when you purchased the hosting service.

2. Locate Security → SSL/TLS / SSL/TLS Status / AutoSSL .

3. Select the domain/subdomain you want to enable, and click Run AutoSSL / Issue (or select Let's Encrypt as the provider).

4. Wait a few minutes, refresh the page, and confirm that the certificate has been installed.

5. In the site backend or page template, change all external links (such as http://) to relative links or https:// to avoid mixed content.

Why can it renew automatically? Hosting panels usually request new certificates from Let's Encrypt periodically and replace old certificates automatically (cPanel/WHM's AutoSSL does this).

Tips (Frequently Asked Questions):

• If you already have an old certificate or a self-signed certificate, you may need to delete or overwrite it before running AutoSSL.

• Some cheaper or specialized hosting providers do not offer Let's Encrypt. In this case, see Method 2 below or contact the hosting provider's customer service.

Method 2: Use Let's Encrypt + Certbot yourself

When you use a VPS (such as DigitalOcean or Alibaba Cloud ECS) or have SSH access for hosting, Certbot offers completely free and automatic certificate renewal. The following are the commands and steps, designed for beginners.

Prerequisites

• You can log in to the server using SSH (root or with sudo privileges).

• The domain name has been resolved to the server IP (A record is in effect).

• Your server is running a web service (Apache/Nginx), or you can temporarily suspend it for verification.
  Let's Encrypt works with ACME clients (such as Certbot) to verify your control over a domain name.

One-click installation of Certbot (common Linux distributions)

(The following example uses Ubuntu/snap installation as the Certbot official recommended method)

(Source: Certbot official guide, installation and usage examples)

Automatically obtain and install via nginx/apache plugins (if you are using nginx or apache).

Certbot will automatically configure your web hosting and enable HTTPS. If everything is successful, the page will display the certificate path and renewal information.

If the server configuration cannot be modified automatically (webroot mode is recommended).

Webroot mode will not stop the service and is suitable for production environments.

The above command will write a verification file to your /.well-known/acme-challenge/ acme-challenge/` directory. Let's Encrypt will then verify the file via an HTTP request and issue the certificate. After installation, you will need to manually configure the certificate path to `nginx/apache`.

standalone mode (when port 80 is not in use)

Suitable for briefly pausing web services or when webroot privileges are not available.

Automatic renewal

Certbot's snap package usually comes with a systemd timer, which automatically renews certificates (certificate validity is usually ≤ 398 days). You can also manually test the renewal command:

For customization, you can use cron or systemd to run certbot renew periodically.

Common pitfalls and troubleshooting (essential reading for beginners)

• The domain name is not resolved to the server → verification will fail. Please ensure that the A record is in effect (you can ping yourdomain ).

• Ports 80 and 443 are occupied → standalone mode will fail; switch to webroot or temporarily disable the service.

• Mixed content → The page still displays an insecure lock because some resources (images, scripts, iframes) are still loaded from HTTP; change these URLs to HTTPS.

• If the certificate does not renew automatically or is misconfigured, you can reproduce the problem and view the error log by running ` sudo certbot renew --dry-run .

How can I check if my website has HTTPS installed successfully?

1. Check your browser's address bar for a lock (🔒) that starts with https://yourdomain .

2. Command line check (quick):

3. Go deeper: Use SSL Labs' free test (online) or your hosting dashboard to view certificate details.
   If the certificate information is successfully returned and the browser displays a lock, it means that the certificate has been activated.

AB Customer Smart Website Builder: Automatically Configures Free SSL

B2B Smart Marketing Solution for Foreign Trade : If you choose a service like ABke Smart Website Builder , many steps can be skipped—it automatically configures a free SSL certificate for you. For example, ABke's official website states: ABke automatically configures a free SSL certificate for your website. Whether you choose the free version or another paid version, the SSL certificate is automatically included. So you don't need to apply for one separately or worry about it; we'll handle it for you! For details, please refer to: https://www.cnabke.com/

Summary: Which method should you choose?

• Shared hosting/cPanel/Plesk: Prioritize using the panel's one-click Let's Encrypt/AutoSSL (the simplest, automatic renewal).

• VPS with SSH: Use Certbot (--nginx / --apache / --webroot) for flexible control and automatic renewal.