Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I access the domain in diff. browsers - each says NOT SECURE or something equivalent.
My web server is (include version): Don't know what that means - I am hosted by A2hosting.
I can login to a root shell on my machine (yes or no, or I don't know):
Don't know, but probably not.
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
cPanel - current version
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Again, if I could understand a question this tech-y, I probably wouldn't need your help!
JUST an enormous thank you for a straightforward answer to a not very sharp (on my part) question. But I'm more than a little resentful that "support" at a2hosting didn't/ couldn't handle this as well - at all, really! - as you did.
PLUS, I learned that they are "jumping ship" - apparently "Let's Encrypt" has such a wonderful idea - why can't the powers that be reduce spam by 99%, instead of looking for ways for someone to sell "certificates" for many millions of hard-to-come-by-dollars?! - that someone else is doing something similar & a2hosting is heading their way.
So, more of a marketing than technical question at this point:
What hosts does L.E. work with? Ideally, you use such a one & are happy with them!
Just some minor correction: It's what hosts utilize Let's Encrypt certificates.
Let's Encrypt only provides certificates, and use public API so everyone who has a compatible ACME client are allowed to use Let's Encrypt (but there are rate limit and IDN list etc..). Most hosting company would use cPanel or Plesk, and if they don't sell certificate with their service, they probably would enable a module that allow automated issuance of free certificates.
I currently use SiteGround, who would supply free Let's Encrypt certificates. It's been good for a few months, but for some unknown reason their support begin to go sour and are quite weird actually. But they host on GCP so i bet stability might be better than other companies.
You can even use Let's Encrypt on GoDaddy/Namecheap (those who don't provide free Let's Encrypt certificates) cPanel servers, although it's nothing like "click a button and you are done", but it's still automated after you've set it up. You actually need to SSH in the machine and copy / paste some commands to get a certificate for the first time.
I think whether the host offer Let's Encrypt certificates is only a minor determination factor. Speed, stability and price are more important for common small site owners (at least for my friends and i)
I'm actually working specifically on a solution that does exactly this right now for GoDaddy shared hosting.
You can currently use any cPanel that has the SSL/TLS icon in the Security section to generate certificate signing requests (CSRs) and install/manage certificates. You just need an ACME client to acquire the certificate.
Well, acme.sh can be used in jailed ssh and use cPanel's API to update certificates. It's definitely not graphical and require some knowledge on command line (their step by step instruction are not that clear)... But it's working (and has been for a long time)
I'm tempted to write a guide on how this work (include video walk through) but never had that much spare time...
I have actually been in heavy drafting of a guide in the #lounge with jsha for the last week that uses my own graphical client in conjuction with cPanel SSL/TLS. The upcoming version of my client will be MUCH simpler to use and FAR more powerful in managing almost everything. I am hell-bent on bringing GoDaddy into the fold, by hook or by crook.
]
