Scott Posted April 19, 2016 Report Share Posted April 19, 2016 (edited) Today, we've deployed a new cPanel plugin which makes it easier (and cheaper) than ever to have SSL/TLS encryption on every website. Open your cPanel, look for the "Let's Encrypt SSL" icon, and follow the directions there to get your own free SSL certificates for any domains setup on your account. This is available on all shared, premium, and reseller servers. Any VPS clients interested in this can visit https://letsencrypt-for-cpanel.com/or contact our sales department for more information. Resellers:You will need to enable this feature within a feature list for your hosting packages. The default feature list has it disabled (we don't want to force this on you, in case you have a lucrative SSL business going). One more thing, resellers: We have had a report that some accounts may have bandwidth quota issues when you change the feature list for their plan. Please double check none of your clients are suddenly offline due to quota issues after making the change. I should also note that we don't suggest leaving people on modified accounts with a non-modified plan, it can cause issues. Best to take them off the plan for the month, then reset on the first of next month.If you have any issues with this, open a ticket and we are happy to help or explain. It's a bit tough explain. For more information on the Let's Encrypt certificate authority and service, please visit:https://letsencrypt.org/ General questions can be posted here, as always.Please direct account specific questions, or any questions with private information, to our support team. Edited April 22, 2016 by Scott More info for resellers. 1 Quote Link to comment Share on other sites More sharing options...
SarisIsop Posted April 20, 2016 Report Share Posted April 20, 2016 Thank you for adding this. Can I ask how long it takes to start working? I have installed on two websites but there is no change, do I need to change anything else on my websites to make it work? Quote Link to comment Share on other sites More sharing options...
andamira Posted April 20, 2016 Report Share Posted April 20, 2016 Thank you, very nice thing to have. I wonder why is it disabled by default for reseller accounts? It makes it necessary then to create and associate a package in order to use this feature. And I was avoiding using packages because each time WHM is updated it automatically recreates all the default subdomains for each account, and I had to manually delete the ones I don't want... Can I ask how long it takes to start working? I have installed on two websites but there is no change, do I need to change anything else on my websites to make it work? For me it was instantaneous. You can check your website manually appending https:// before the address and see if it works. If it does you could create a redirection at the domain level, or if it's a WordPress site, for example, there are plugins that can manage the redirection themselves also. Quote Link to comment Share on other sites More sharing options...
SarisIsop Posted April 20, 2016 Report Share Posted April 20, 2016 For me it was instantaneous. You can check your website manually appending https:// before the address and see if it works. If it does you could create a redirection at the domain level, or if it's a WordPress site, for example, there are plugins that can manage the redirection themselves also. Hello Andamira. I got it sorted by redirecting, I also had to change a couple of images too. But it works, thank you very much. Quote Link to comment Share on other sites More sharing options...
Scott Posted April 20, 2016 Author Report Share Posted April 20, 2016 Thank you for adding this. Can I ask how long it takes to start working? I have installed on two websites but there is no change, do I need to change anything else on my websites to make it work? Hello Andamira. I got it sorted by redirecting, I also had to change a couple of images too. But it works, thank you very much. It looks like you got it sorted out, but to recap:The site should be accessible over HTTPS immediately.It doesn't setup a redirect to the HTTPS site for you. You may need to do this through your script or .htaccessIf your site has mixed content (images linked to using http://) it will cause a mixed content warning and needs to be "fixed" to get full use of the encryptionTools like the Google Domain console consider it to be a separate site, so it makes sense to set it up there and add a new sitemap before completing the switch over. Quote Link to comment Share on other sites More sharing options...
Scott Posted April 20, 2016 Author Report Share Posted April 20, 2016 I wonder why is it disabled by default for reseller accounts? It makes it necessary then to create and associate a package in order to use this feature. And I was avoiding using packages because each time WHM is updated it automatically recreates all the default subdomains for each account, and I had to manually delete the ones I don't want... We chose to disable it by default since we don't want to impact how your business operates. Some resellers may prefer not to offer the service, or to continue selling SSL certificates. I know we expect our SSL revenue to fall off dramatically. At the end of the day, we thought this was a good medium so that resellers can offer it, but aren't forced to. Quote Link to comment Share on other sites More sharing options...
SarisIsop Posted April 20, 2016 Report Share Posted April 20, 2016 It looks like you got it sorted out, but to recap:The site should be accessible over HTTPS immediately.It doesn't setup a redirect to the HTTPS site for you. You may need to do this through your script or .htaccessIf your site has mixed content (images linked to using http://) it will cause a mixed content warning and needs to be "fixed" to get full use of the encryptionTools like the Google Domain console consider it to be a separate site, so it makes sense to set it up there and add a new sitemap before completing the switch over. Hello Scott, yes thank you I followed what Andamira said. I did have to change a few things in my forum software and some images, but I've now done 4 websites and it was so simple even I could do it. I've already had good feedback from my forum members and it's keeping my costs down. Thank you. 1 Quote Link to comment Share on other sites More sharing options...
Plippers Posted April 29, 2016 Report Share Posted April 29, 2016 Amazing!! Thanks guys!! Quote Link to comment Share on other sites More sharing options...
Plippers Posted April 29, 2016 Report Share Posted April 29, 2016 Today, we've deployed a new cPanel plugin which makes it easier (and cheaper) than ever to have SSL/TLS encryption on every website. Open your cPanel, look for the "Let's Encrypt SSL" icon, and follow the directions there to get your own free SSL certificates for any domains setup on your account. Hey Scott, I'm looking in my cPanel under "Security" and have also searched cPanel for it but don't see LE anywhere. Is it active on all Shared infrastructure? Thanks! Quote Link to comment Share on other sites More sharing options...
Scott Posted April 29, 2016 Author Report Share Posted April 29, 2016 (edited) Hey Scott, I'm looking in my cPanel under "Security" and have also searched cPanel for it but don't see LE anywhere. Is it active on all Shared infrastructure? Thanks! Yes, it should be on all shared servers. Here's how it looks in my account: (snipped) If you still don't see it, open a support ticket so we can look into what happened on your account. Edited April 30, 2016 by Scott Image removed Quote Link to comment Share on other sites More sharing options...
Plippers Posted April 29, 2016 Report Share Posted April 29, 2016 Hmm..I have the following. I'll clear browser data and re-login and failing that open a ticket. Thanks! Quote Link to comment Share on other sites More sharing options...
djMot Posted May 12, 2016 Report Share Posted May 12, 2016 I notice in the Let's Encrypt SSL module that all of my domains are doubly listed as "Addon" (without www) and "Alias" (with www.) Do I need to issue a cert for each of these? What would be the issues either way? Thank you for deploying this into our hosting environments. I heard about Let's Encrypt just a few weeks ago, so what a totally awesome surprise to find it waiting for me when I came looking. MDDHosting always makes the grade! Quote Link to comment Share on other sites More sharing options...
Scott Posted May 12, 2016 Author Report Share Posted May 12, 2016 Assuming the domains show the same content, or one redirects to the other, I suggest putting both domains into a single cert. Use the check boxes on the left along with the "Issue multiple" link at the top and bottom of the list. The resulting certificate will work for both domains, which makes it easy for one to redirect to the other. Separate certificates for both can work too, but there is no need for the certs to different. If both domains don't have a certificate, you might run into issues with redirects. Imagine this scenario: www.example.com has my websiteexample.com isn't used other than to redirect to www.example.comI add SSL for www.example.comI DON'T add SSL for example.comNow a user visits https://example.comand they get an error. Why? There is no certificate for the the example.com domain, so their browser won't connect and it won't find the redirect to send them to the correct domain (www.example.com) with SSL. Quote Link to comment Share on other sites More sharing options...
djMot Posted May 12, 2016 Report Share Posted May 12, 2016 Great answer, Scott! I totally get it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.