Feature (free) Let's Encrypt SSL certs now available

[Scott]

Today, we've deployed a new cPanel plugin which makes it easier (and cheaper) than ever to have SSL/TLS encryption on every website. Open your cPanel, look for the "Let's Encrypt SSL" icon, and follow the directions there to get your own free SSL certificates for any domains setup on your account.

 

This is available on all shared, premium, and reseller servers. Any VPS clients interested in this can visit https://letsencrypt-for-cpanel.com/or contact our sales department for more information.

 

Resellers:

You will need to enable this feature within a feature list for your hosting packages. The default feature list has it disabled (we don't want to force this on you, in case you have a lucrative SSL business going).

 

One more thing, resellers: We have had a report that some accounts may have bandwidth quota issues when you change the feature list for their plan. Please double check none of your clients are suddenly offline due to quota issues after making the change. I should also note that we don't suggest leaving people on modified accounts with a non-modified plan, it can cause issues. Best to take them off the plan for the month, then reset on the first of next month.

If you have any issues with this, open a ticket and we are happy to help or explain. It's a bit tough explain.

 

 

For more information on the Let's Encrypt certificate authority and service, please visit:

https://letsencrypt.org/

 

General questions can be posted here, as always.

Please direct account specific questions, or any questions with private information, to our support team.

Edited April 22, 2016 by Scott
More info for resellers.

[SarisIsop]

Thank you for adding this.

 

Can I ask how long it takes to start working? I have installed on two websites but there is no change, do I need to change anything else on my websites to make it work?

[andamira]

Thank you, very nice thing to have.

 

I wonder why is it disabled by default for reseller accounts? It makes it necessary then to create and associate a package in order to use this feature.

 

And I was avoiding using packages because each time WHM is updated it automatically recreates all the default subdomains for each account, and I had to manually delete the ones I don't want...

 

Can I ask how long it takes to start working? I have installed on two websites but there is no change, do I need to change anything else on my websites to make it work?

 

For me it was instantaneous.

 

You can check your website manually appending https:// before the address and see if it works. If it does you could create a redirection at the domain level, or if it's a WordPress site, for example, there are plugins that can manage the redirection themselves also.

[SarisIsop]

For me it was instantaneous.

 

You can check your website manually appending https:// before the address and see if it works. If it does you could create a redirection at the domain level, or if it's a WordPress site, for example, there are plugins that can manage the redirection themselves also.

 

Hello Andamira. I got it sorted by redirecting, I also had to change a couple of images too.

 

But it works, thank you very much.

[Scott]

Thank you for adding this.

 

Can I ask how long it takes to start working? I have installed on two websites but there is no change, do I need to change anything else on my websites to make it work?

 

 

 

Hello Andamira. I got it sorted by redirecting, I also had to change a couple of images too.

 

But it works, thank you very much.

 

It looks like you got it sorted out, but to recap:

• The site should be accessible over HTTPS immediately.
• It doesn't setup a redirect to the HTTPS site for you. You may need to do this through your script or .htaccess
• If your site has mixed content (images linked to using http://) it will cause a mixed content warning and needs to be "fixed" to get full use of the encryption
• Tools like the Google Domain console consider it to be a separate site, so it makes sense to set it up there and add a new sitemap before completing the switch over.

[Scott]

I wonder why is it disabled by default for reseller accounts? It makes it necessary then to create and associate a package in order to use this feature.

 

And I was avoiding using packages because each time WHM is updated it automatically recreates all the default subdomains for each account, and I had to manually delete the ones I don't want...

 

We chose to disable it by default since we don't want to impact how your business operates. Some resellers may prefer not to offer the service, or to continue selling SSL certificates. I know we expect our SSL revenue to fall off dramatically. At the end of the day, we thought this was a good medium so that resellers can offer it, but aren't forced to.

[SarisIsop]

 

 

 

 

It looks like you got it sorted out, but to recap:

• The site should be accessible over HTTPS immediately.
• It doesn't setup a redirect to the HTTPS site for you. You may need to do this through your script or .htaccess
• If your site has mixed content (images linked to using http://) it will cause a mixed content warning and needs to be "fixed" to get full use of the encryption
• Tools like the Google Domain console consider it to be a separate site, so it makes sense to set it up there and add a new sitemap before completing the switch over.

 

 

Hello Scott, yes thank you I followed what Andamira said.

 

I did have to change a few things in my forum software and some images, but I've now done 4 websites and it was so simple even I could do it.

 

I've already had good feedback from my forum members and it's keeping my costs down.

 

Thank you.

[Plippers]

Amazing!! Thanks guys!!

[Plippers]

Today, we've deployed a new cPanel plugin which makes it easier (and cheaper) than ever to have SSL/TLS encryption on every website. Open your cPanel, look for the "Let's Encrypt SSL" icon, and follow the directions there to get your own free SSL certificates for any domains setup on your account.

 

Hey Scott,

 

I'm looking in my cPanel under "Security" and have also searched cPanel for it but don't see LE anywhere. Is it active on all Shared infrastructure?

 

Thanks!

[Scott]

Hey Scott,

 

I'm looking in my cPanel under "Security" and have also searched cPanel for it but don't see LE anywhere. Is it active on all Shared infrastructure?

 

Thanks!

 

Yes, it should be on all shared servers. Here's how it looks in my account:

 

(snipped)

 

If you still don't see it, open a support ticket so we can look into what happened on your account.

Edited April 30, 2016 by Scott
Image removed

[Plippers]

Hmm..I have the following. I'll clear browser data and re-login and failing that open a ticket. Thanks!

 

[djMot]

I notice in the Let's Encrypt SSL module that all of my domains are doubly listed as "Addon" (without www) and "Alias" (with www.) Do I need to issue a cert for each of these? What would be the issues either way?

 

Thank you for deploying this into our hosting environments. I heard about Let's Encrypt just a few weeks ago, so what a totally awesome surprise to find it waiting for me when I came looking. MDDHosting always makes the grade!

[Scott]

Assuming the domains show the same content, or one redirects to the other, I suggest putting both domains into a single cert. Use the check boxes on the left along with the "Issue multiple" link at the top and bottom of the list. The resulting certificate will work for both domains, which makes it easy for one to redirect to the other. Separate certificates for both can work too, but there is no need for the certs to different.

 

If both domains don't have a certificate, you might run into issues with redirects. Imagine this scenario:

 

• www.example.com has my website
• example.com isn't used other than to redirect to www.example.com
• I add SSL for www.example.com
• I DON'T add SSL for example.com

Now a user visits https://example.comand they get an error. Why? There is no certificate for the the example.com domain, so their browser won't connect and it won't find the redirect to send them to the correct domain (www.example.com) with SSL.

[djMot]

Great answer, Scott! I totally get it.