CertSage ACME client (version 1.2.0) - easy webpage interface, optimized for cPanel, no commands to type, root not required

It looks like the first certificate you generated only covered www.kathleenshields.com and not kathleenshields.com itself. That probably caused you some unneeded headache and frustration.

4 Likes

Newbie question,
where exactly in cPanel would I put your code?

Also Where would I get your latest code and instructions?

Thanks so much,
Phil

3 Likes

Also where would I look to check the version that I've downloaded, in case there are questions that I want to post here.

Thanks again.
Phil

3 Likes

The latest version of the code and instructions are in the first post of the current thread. You need to put certsage.php into the webroot directory of your website. For cPanel, this is either the public_html directory or a directory inside of public_html.

Inside certsage.php at the top of the CertSage class there there is a $version variable that is assigned the version number.

4 Likes

Hello. I am not a programmer, so I am wondering if you can help me understanding the above. I have several websites on NameCheap, each has their own domain name, but are under the same account. I think NameCheap consider them subdomains. Do I need the certsage.php for each and do I need to do all of the steps that follow for each as well?

Can you please explain what is meant by "Most people will want to enter example.com and www.example.com as their domain names" and how it relates to the first part of the sentence "Visit http://example.com/certsage.php to acquire your certificate."

I currently have free ssl certificate plugin and it is supposed to automatically update and this is the 2nd time it has not and now I cannot access my wordpress dashboards and they have zero support, so I need to get that off of there and use something else.

2 Likes

Happy to help. :blush:

Since CertSage works by satisfying an HTTP-01 challenge for each (sub)domain name to be listed as a subject alternative name (SAN) on a certificate, it must write the necessary challenge file(s) under /.well-known/acme-challenge inside the webroot directory for each (sub)domain name. The webroot directory is the directory/folder on the hosting machine under which all of the content for the website associated with a (sub)domain name is located. It is the "root" directory of your WordPress installation. Since CertSage itself sits in the webroot directory, it knows where the webroot directory is located, but it doesn't know which (sub)domain name(s) use that webroot directory, hence why you must enter them into CertSage. This should correctly lead you to think that all of the (sub)domain names on a certificate acquired by CertSage must be aliases for the same content. A request for example.com or www.example.com is requesting to be served the same content, making them aliases for that content, though usually one would redirect all requests for example.com to www.example.com or vice versa for search engine optimization (SEO) purposes.

TL;DR - If two (sub)domain name(s) point to different content, CertSage will require them to have separate certificates.

4 Likes

Hello!
Thank you very much for the quick response. I have read this several times, but unfortunately I am not educated enough on the subject to fully understand it. :grimacing:

3 Likes

@TamieP
Try doing them each separately [one at a time].

4 Likes

Just signed up to say massive thanks for such a useful, straightforward way to obtain and install LetsEncrypt certs on GoDaddy-owned hosting providers.
One minor suggestion - maybe add some "Tidy Up" steps to the instructions to delete (or at least rename back to certsage.txt) the certsage.php file in the site's webroot, and maybe delete the CertSage folder and content? A websearch for certsage throws up a number of sites where the script is still active, and although there's only limited damage it can do (update / clear the expiration notice email?) leaving it open doesn't seem ideal?
But thanks again for such a neat solution!

5 Likes

You are quite welcome! :smiley:

I concur about renaming back to .txt to disable the script. You shouldn't delete the CertSage folder though because it contains the private key(s) for your (production and/or staging) ACME accounts. Without them, you cannot update your contact preferences in the future for the certificates issued under them.

4 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.