CertSage ACME client (version 2.2.0) - easy webpage interface, optimized for cPanel, no commands to type, root not required, fully-automated certificate renewals

Newer version available (3.0.0):


Introduction

CertSage was designed for people of all ages and experience levels who want an incredibly quick and easy way to acquire Let's Encrypt TLS/SSL certificates. CertSage is especially helpful if you are using a shared hosting plan that does not allow root access, such as GoDaddy or tsoHost shared hosting. It's free, of course!

Changes from Version 2.1.0

  • Removed all functionality for adding/updating contact email addresses due to Let's Encrypt no longer supporting this functionality

Requirements

PHP 7.0+

Installation

Assuming that your domain name is example.com...

  1. Download certsage.txt.
  2. Upload certsage.txt into the webroot directory of your website (e.g. /public_html) that contains the content that you access when you normally visit http://example.com.
  3. Rename certsage.txt to certsage.php.

Usage

Assuming that your domain name is example.com...

  1. Visit http://example.com/certsage.php.
  2. Copy your password from your password.txt file located in your CertSage data directory, which by default is located in the parent directory of the directory where you installed CertSage. The CertSage data directory and password.txt file are created automatically by CertSage when you visit the CertSage page in your browser if they don't already exist. Should you wish to change your password, simply replace the contents of password.txt with whatever password you wish to use going forward.
  3. Enter the (sub)domain names in the box, one per line, for which you wish to acquire a certificate (e.g. example.com and www.example.com).
  4. Select your certificate key type.
  5. Enter/paste your password into the password box.
  6. (Optional) To ensure that your CertSage installation is working, push the button to acquire a staging (fake) certificate.
  7. If you are confident that your CertSage installation is working, repeat steps 3, 4, and 5 above (if necessary) then push the button to acquire a production (real) certificate.
  8. If you use cPanel, push the button to have CertSage install your production certificate into your cPanel and setup a cron job for you to automatically renew your certificate when needed. If you don't use cPanel, you'll need to install your production certificate using some other method and manage your own certificate renewals.

Using CertSage with Multiple Domain Names Hosted within a Single cPanel Account

WordPress Site Address Update

If your WordPress site starts returning an infinite redirect loop (and thus never loads), follow the instructions in this article to update your site URLs in WordPress:

5 Likes

I'd love to see the confirmation page not require us to click back to beginning and fill out the form again. Instead, the confirmation could be output at the top of the homepage and what was posted could be populated again. It would save a couple of steps.


Although, even better would be a single click to generate the certificate + install.

1 Like

All good thoughts. :slightly_smiling_face:

I've considered this before. :thinking: I think it's worthwhile at this point. I'll do it. :grin:

This concept has plagued me for some time...

  • I don't want to limit CertSage to cPanel
  • Consistent detection of cPanel presents its own challenge
  • Even with consistent detection of cPanel, assuming the desire of certificate installation is a decision
  • A separate, compound button of acquire and install could be possible as a halfway house :thinking:
  • One challenge with a combined acquire and install action is that success of the acquire with failure of the install would effectively require determining that the existing certificate in the CertSage data directory is sufficient for the requested domain names (by effectively matching the SANs on the cert and not being near expiry). I suppose this is a good "protective" feature anyhow to prevent duplicate cert rate limiting. Such protection is also useful for renewals.

I'll do it. It's gonna take some work, but I think the improvements are worth the cost.

3 Likes

Thanks for entertaining my request!

Maybe a radio button for a fully automated install to cPanel or manual approach. The second part of the request won't be as important is the first step loads + prepopulates the original form so installing the cert is just another click away.

An alternative path is to define the password + domains in step 1 to a browser session variable. Step 2 uses those details from the session and you're simply clicking on each action.

The main challenge is repetitive data entry and streamlining the process so it's more linear instead of back-and-forth.

1 Like

Done! :grin:

Check it out! :rocket:

2 Likes

Amazing... just tested and it worked like a charm!

3 Likes