Let’s Encrypt SSL Now Available in cPanel
Online security has increased in the past few years mainly thanks to the trust that certificates create. Certificates validate that the website you are visiting does not contain any malicious software and by using the HTTPS protocol assures that any sensitive information is encrypted.
Introducing Let’s Encrypt Free SSL
We are happy to introduce a new feature, that we have added to all of our shared hosting servers and locations. You can find it by login into your cPanel and navigate to the Security section or simply by typing Let’s Encrypt in the search field.
Let’s Encrypt is a free and open certificate authority service provided by the Internet Security Research Group (ISRG). The project’s main goal is to provide domain-validated certificates on-demand and make the internet a safer place. Backers like the Mozilla Foundation, Akamai, and Cisco Systems further increase the credibility and success rate of the project. The main benefits it offers are:
- Anyone who owns a domain name can use the service to get a trusted certificate for free.
- The service advances global online security by enabling more websites to show they are trustworthy.
- The configuration and renewal are automatic which makes “Let’s Encrypt” easy to use by anyone.
- Certificates are publicly available for anyone to inspect, which guarantees transparency.
As a FastComet user, you are now able to generate and enable Let’s Encrypt certificates directly within your cPanel control panel without filling out any information details with a click of a button. Just choose the domain/subdomain you wish to cover with a certificate and click on the Issue button next to it.
Issue Your SSL Certificate
You can have multiple certificates installed on your account for each domain and subdomain you want. Your new Let’s Encrypt certificate has a 90-day time span but it will automatically renew itself unless you choose to cancel it through the cPanel interface.
If you’re not entirely comfortable with the Let’s Encrypt approach to democratizing encryption, don’t worry! You’ll still be able to purchase security certificates through the FastComet Customer Portal.
For more information about the Let’s Encrypt project and how it works, visit their official website.
The latest tips and news from the industry straight to your inbox!
Join 30,000+ subscribers for exclusive access to our monthly newsletter with insider cloud, hosting and WordPress tips!
Antoniy’s primary goal at FastComet is helping grow our client base through affiliates and strategic partnerships. It is all about statistics analysis, communication with our affiliates, working on various campaigns, searching the web for trends and generating ideas for future projects. You're likely to run across him at some point in the FastComet Community, too because he loves getting in and interacting with our great customers. You can always count on him to come up with strategic ideas for the team and is always searching for the smartest ways to spread our brand and services worldwide.
Comments (30)
Hi, Do you recommend a wait time for installing Lets Encrypt SSL certificate, after domain registration and setting up the domain in cloudflare
Hello Vinod,
No additional waiting time is required for activating Let’s Encrypt as long as the domain is pointed correctly.
Thanks for information
Dear Admin,
Kindly assist me which ssl is better for basic websites. I need your recommendation between Cloudflare and let’s Encryption SSL. Here you can see with my domain having cloudflare SSL https://bit.ly/2Vy4ww6 and also its mixed Lets Encryption inside Cpanel account. So its confusing why we need to use together. I heard your support team we can’t use cloudflare SSL inside the Cpanel account, Is that right?
Hello Ifran,
Both SSL types are good for any type of website and choosing which one to use is a personal preference. The main benefit you get with using the Let’s Encrypt SSL via your cPanel is that you have a bit more control on issuing it and what subdomains you want to cover with it. Furthermore, our support will be faster than Cloudflare’s on solving any issues that may arise on a particular website covered by an SSL issued via Let’s Encrypt.
For more thorough information on the SSL options available, please check our guide (https://www.fastcomet.com/kb/how-to-get-free-ssl-certficate-with-fastcomet). It will help you understand SSL in general, how it works and all the positives it provides for your website.
Kindly tell me why am I facing this issue. How to resolve it?
Error issuing certificate
Failed to issue certificate
Updating challenge for mail.zeeservicing.com: acme: error code 400 “urn:ietf:params:acme:error:dns”: DNS problem: NXDOMAIN looking up A for mail.zeeservicing.com – check that a DNS record exists for this domain (order URL: https://acme-v02.api.letsencrypt.org/acme/order/124629232/9917342830)
Hello Zee,
First of all, please note that the blog is not monitored 24/7 which means that in such cases sending a ticket would have resulted in a 10-minute reply by our tech team, instead of few days of waiting here.
Having said that, I also see that you have issued the certificate on your account since your comment which means that you have found that the solution is to point the mail.zeeservicing.com subdomain to the server via its A record (in your case redirect to the main website) or re-issue the certificate. Most of the time, customers simply re-issue the certificate and exclude the mail.domain.com from the process which is also a possible resolution.
Hello whats is this mean
There was a problem processing your request
Error issuing certificate
n n https://acme-staging-v02.api.letsencrypt.org/acme/order/10459093/44143008)Failed to issue certificate
Updating challenge for taskforce-dev.website: acme: error code 403 “urn:ietf:params:acme:error:unauthorized”: Invalid response from http://taskforce-dev.website/.well-known/acme-challenge/lMvADiGS8-GFmC_y-o7Pi4UfYYP9thCR7KpgMCd_LDI [2606:4700:30::6812:3d78]: “nn
Hello Michael,
Such errors usually appear due to a misconfiguration in the DNS settings associated with the domain (this includes any of the A records in your cPanel -> DNS Zone Editor).
At the time of writing this reply, the website which you mentioned has an issued SSL certificate and is opening via https without issues.
If you experience this or any other error while trying to issue a Let’s Encrypt certificate, make sure to open a ticket via your client area and our team will swiftly assist you.
They said SSL is free for 90-days so after SSL is expired , i need to purchase it, right ?
If yes , how much is it ?
Thank you
Hello there,
As mentioned near the end of the article:
Hope this clears your concerns.
I just install it.
Hi again here,
This is what I can see in STATUS : “Expires on October 5, 2018. The certificate will not renew via AutoSSL because it was not issued via AutoSSL”.
Is there something called “AutoSSL” ?
I am issuing from: “Lets Encrypt SSL” under “SECURITY Tab”. Won’t it be renewed automatically as showing in that message ?
I am wondering if there is any AutoSSL option. 🙂
Thanks,
Hello again,
Could you provide us with the domain name associated with your hosting plan so we can further check on your request. You can also send the information on [email protected] in case you want to keep it private.
Mailed you!
Thank you for the reply Rajesh,
I have reviewed your mail and ticket and I can only reiterate the answer of my colleague as it is the correct reply.
The message on your screenshot is provided by cPanel if an SSL certificate has been issued outside of the AutoSSL cPanel feature. As you have issued the certificates via the Let’s Encrypt section which is not connected with AutoSSL, the message pops up to warn you that it won’t be renewed by AutoSSL which is only logical.
Still, Let’s Encrypt has its own auto renewal feature which is active and will renew your certificate(s) automatically before expiration.
If such renew is unavailable on the time of expiration which is highly unlikely, you will be notified via email that your SSL is about to expire and you will be able to reinstall it with a click of a button in the Let’s Encrypt section of your cPanel.
Thank you for making it clear. So, there is nothing to worry as it is logical only. However to make myself clear, what is AutoSSL ? is that option available somewhere or it means it gets issued automatically if no SSL is found or something similar ?
Thanks 🙂
AutoSSL is a feature that can install domain-validated SSL certificates (from Comodo) on domains configured in your cPanel account and renew them automatically which on first hearing sounds a lot like what Let’s Encrypt does.
The difference between AutoSSL and Let’s Encrypt is that Let’s Encrypt is a certificate authority while AutoSSL is a feature of cPanel & WHM. There are also some limitations to AutoSSL which are not present in Let’s Encrypt like not securing wildcard domains, at least at the time of writing this comment.
So we have chosen Let’s Encrypt over AutoSSL in order to provide the best balance of features and possibilities for our customers. As AutoSSL is a feature of cPanel, you are bound to see messages regarding it when navigating the SSL/TLS sections of cPanel even if it is not activated.
Thank you so much for the explanation 🙂
Do I need to do rewriting things if I add SSL before installing WordPress and choose https:// Protocol while installing WordPress ? It’s my first day to Fastcomet and have no idea if “A trusted SSL Certificate was not found” will be shown even after that ?
Hello Rajesh,
You can use the rewrite rule which I mentioned in one of the previous replies in the comments. I have featured that comment so it should appear on top of this discussion.
As of now, HTTPS connections are not forced by default, which means that even if you have everything set up correctly the website will still be accessible via HTTP. Here is where that code snippet which can be added to the .htaccess file of your website will come in handy to force the HTTPS protocol for all visitors.
If you for some reason want to have the website accessible via both HTTP
and HTTPS then you won’t need to do any additional rewriting after you
install WordPress on a domain with active SSL certificate.
Furthermore, the error which you mentioned is usually due to Softaculous not being able to detect a certificate for the domain on which you want to install an app. This can occur even when there is a certificate if the DNS is not responsive in the time of installation for some reason. However, if you are certain that there is a certificate issued for that domain, you can continue with the installation despite the error and the website will work correctly afterwards.
Again, if you get stuck on any of the steps in configuring an application on our servers, you can always contact our support team via your client area.
Thank you so much, dear! 5 STARTS for your quick response. 😀 Will contact support team if I find any problem setting up.
Great! If I am hosting, say, 2 domains, each with 2 subdomains (www.domain1.com, app.domain1.com, http://www.domain2.com, blog.domain2.com), can I use the Control Panel to get Let’s Encrypt certificates so that all of them are covered?
Yes Mark, absolutely. You can cover as many Domains and Subdomains with certificates as you want, by clicking on the “Issue” button corresponding to set domain/subdomain in the Let’s Encrypt section of our cPanel.
So I did issue the Let’s encrypt, but my site doesn’t automatically redirect to the https:// site, but opens the normal plain http:// site, so it won’t show up as secured. Do I need to remap my url or what do I need to do to make sure only the https “version” is available?
Let’s Encrypt issues the certificate but does not change the rewrite rules for your domain. To force the connection via HTTPS on your domain you will need to manually change the .htaccess file for that domain and add the following snippet to the top of the file:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://domain(dot)com/$1 [R=301,L]
Don’t forget to substitute the domain(dot)com with your actual domain name.
If you experience any difficulties in completing this task, contact our support team and they will be more than glad to assist you.
Yes, Let’s Encrypt allows automatic renewal and we have configured our shared hosting servers to execute this feature so you won’t have to manually do it yourself.
Great article! Thanks!
The link to their website doesn’t work, this one works:
https://letsencrypt.org/how-it-works/
Good observation there, Travis. I have updated the link with the one you provided.