Certificate File

JoanneC · January 23, 2017, 10:38pm

Please fill out the fields below so we can help you better.

My domain is:kitchendesignbyjoanne.com

My host said to send a certificate request with a private key to Let’s Encrypt in order to get a certificate file which they will install. Can I email those 2 things to letsencrypt? If yes, where do I email them to? Or how to I send them?

schoen · January 23, 2017, 10:41pm

Hi Joanne, could you explain more about the nature of the problem that you’re having or what you need help doing? Thanks!

JoanneC · January 23, 2017, 10:43pm

I just edited my original request. Thanks!

schoen · January 23, 2017, 10:49pm

Oh, I see!

Let’s Encrypt is a completely automated service which doesn’t work over e-mail, but by a special computer-to-computer protocol called ACME. That means you need some kind of software application to submit the certificate request for you.

If you’re not familiar with this area but you want to go ahead with the suggestion from the hosting company, the easiest way is probably with the web site https://zerossl.com/, which is a third-party service that can take care of all of these steps inside of your web browser. (During the process, you’ll be told to make a change to your web site by posting a particular file on it to prove to Let’s Encrypt that you’re really the owner of that site.) At the end, you’ll get the files that you need to send to the hosting company.

One thing to be aware of if you do this is that Let’s Encrypt certificates are valid for only 90 days, so you’ll need to repeat this process at least once every three months. Otherwise, the certificate will expire and people start to will have trouble connecting to your site.

JoanneC · January 23, 2017, 11:10pm

Thanks, Schoen. I didn’t know that the certificates are only valid for 90 days. Is there another free or lost cost option that will last at least a year? My host has an option called Positive SSL for $4.17 a month that covers subdomain security thru domain.com.

schoen · January 24, 2017, 12:39am

There should be a variety of options for paid certificates but I'm not sure that we're in the habit of recommending particular paid CAs. I remember that there is a comparison site at https://www.sslshopper.com/ but I don't know how neutral or independent it is and don't know who runs it.

As another possibility, depending on the nature of your relationship with your hosting provider, folks here have been maintaining a list of hosting providers who support Let's Encrypt

Many of these hosts will take care of getting and installing Let's Encrypt certificates for you, typically at no additional charge, and also renewing them before they expire. For many people that's a more convenient option than having to do it themselves. We hope more providers will offer this kind of service over time.

motoko · January 24, 2017, 3:39am

If it's just a single domain certificate, that's expensive. Assuming that there are no charges from your provider for having a certificate (some providers demand you pay for a dedicated IP address), you can find much better options.

SSL Shopper isn't bad, but I'm not familiar with their sales partner. I've personally used https://www.ssls.com/ before for paid certificates (mostly for wildcard and EV). It's run by Namecheap. It's one of the lower-cost resellers out there.

system · February 24, 2017, 11:05am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.