CertSage ACME client (version 3.0.0) - easy webpage interface, optimized for cPanel, no commands to type, root not required, fully-automated certificate renewals

Latest version


Introduction

CertSage was designed for people of all ages and experience levels who want an incredibly quick and easy way to acquire Let's Encrypt TLS/SSL certificates. CertSage is especially helpful if you are using a shared hosting plan that does not allow root access, such as GoDaddy or tsoHost shared hosting. It's free, of course!

Changes from Version 2.2.0

  • Vastly streamlined underlying architecture and user experience to make CertSage more reliable and easier to use than ever
  • No more clicking around to get back to the CertSage main page; everything can now be accomplished from the main page
  • Added a button to both acquire and install a certificate in a single step
  • Added color-coding to displayed certificate information text: green is good; yellow means your certificate needs to be renewed; red means your certificate is expired

Requirements

PHP 7.0+

Installation

Assuming that your domain name is example.com...

  1. Download certsage.txt.
  2. Upload certsage.txt into the webroot directory of your website (e.g. /public_html) that contains the content that you access when you normally visit http://example.com.
  3. Rename certsage.txt to certsage.php.

Usage

Assuming that your domain name is example.com...

  1. Visit http://example.com/certsage.php.
  2. Copy your password from your password.txt file located in your CertSage data directory, which by default is located in the parent directory of the directory where you put certsage.php. The CertSage data directory and password.txt file are created automatically by CertSage when you visit the CertSage page in your browser if they don't already exist. Should you wish to change your password, simply replace the contents of password.txt with whatever password you wish to use going forward.
  3. Enter the (sub)domain names in the box, one per line, for which you wish to acquire a certificate (e.g. example.com and www.example.com).
  4. Select your certificate key type.
  5. Enter/paste your password into the password box.
  6. (Optional) To ensure that your CertSage installation is working, push the test button.
  7. If you are confident that your CertSage installation is working, repeat steps 3, 4, and 5 above (if necessary) then push either the button to acquire and install a certificate (if you use cPanel) or the button to acquire a certificate.
  8. If you use cPanel and didn't use the combined acquire and install button in the previous step, push the button to install your certificate.

Note: The first time you use CertSage to install a certificate into cPanel, CertSage sets up a cron job for you to help automatically renew your certificate when needed. If you don't use cPanel, you'll need to install your certificate using some other method and manage your own certificate renewals.

Using CertSage with Multiple Domain Names Hosted within a Single cPanel Account

WordPress Site Address Update

If your WordPress site starts returning an infinite redirect loop (and thus never loads), follow the instructions in this article to update your site URLs in WordPress:

5 Likes

This may be dealt with elsewhere, but I'm not finding it... Running on Godaddy to renew or replace my Let's Encrypt cert. I get this error:
urn:ietf:params:acme:error:unauthorized
: Invalid response from http:///.well-known/acme-challenge/2vUG5m-pDlBnuaJ70bd2X-Yug02OgTfBz_cc7tf29MU: 404
It looks like it's not creating the acme-challenge file, hence the error. When I look in that folder, sure enough the new files aren't there, just the ones from April when I last updated the cert. The site I was using before seems to be broken, which is why I'm trying CertSage.

1 Like

Are you hosting multiple domain names in cPanel?

Challenge files are used once then deleted.

2 Likes

Turns out my issue was that I had the script in my Scripts folder, not in the root. Once I moved it things worked as expected. :slight_smile:

2 Likes

After using CertSage, do I need to leave the certsage.php in my root dir or is it ok to rename it back to txt?

1 Like

If you want autorenewals to work, the PHP needs to remain in place. There's no real benefit in renaming or removing certsage.php.

3 Likes

Thank you. How does this affect the current Sectigo cert (expires in about a year) I now have installed on my cPanel? Does it just override it, or do I need to do anything else besides running your install script?

1 Like

Also, are there any possible security issues/concerns with having the certsage.php in the root dir?

1 Like

If you install a Let's Encrypt certificate into cPanel via CertSage, your underlying webserver (e.g. Apache) will be configured to utilize that certificate rather than any previously-installed certificate for the applicable domain name(s). Any previous certificates you have installed into cPanel should still be archived inside cPanel.

Not to my knowledge. The password protection in CertSage mitigates the minimal malicious possibilities of unwanted external usage of CertSage. If you want to be overly cautious, you could replace the contents of password.txt with contents the length of a novel. :grin:

1 Like

I'd attempted to install (as a separate step) the certificate via certsage.php, but I get an error: " Trouble...
password was incorrect"
I did change the password in the password.txt file, but I don't recall whether it was after I acquired the certificate initially, and if that could cause this issue.

1 Like

I selected the EC key type

1 Like

The password at any given time is whatever is in the password.txt file. A submitted password is checked against the file contents every time a submission is made.

2 Likes

I made several attempts, but I get the same 'incorrect' password response each time.
My webhosting provider would be willing to install this for me, but they ask for the cert & key & ca-bundle (this I don't see in the certsage dir?)

1 Like

Are you looking in the correct password.txt file? You should be able to either copy and paste the entire contents from the password.txt file into the password box in CertSage or change the contents of the password.txt file to whatever you have been entering into the password box in CertSage. If you're using multiple copies of CertSage, which is very common, I strongly recommend having the contents of all of their password.txt files being identical to prevent confusion.

2 Likes

This is the first time I'd ever used CertSage, v3 in this case, and downloaded directly from this page as certsage.txt. The password used was my own 20 character randomly created password which I'd inserted into the password.txt file. Then, I'd created an 'EC' key type, asked a couple of questions here (above), and later attempted to install the certificate.

1 Like

I just tried it again and received message: "Success! Certificate installed into cPanel."
I renamed the password.txt file and reloaded mydomain/certsage.php, which resulted in CertSage creating a new password.txt file, which I pasted into the 'password challenge' box.
Your passwords do not seem to include the types of characters I'd used - e.g. Zg)=@rYyj%'>&^DNAD^7

1 Like

The generated password is a base64 conversion of random binary data. It's possible that the password you created yourself couldn't be URL-encoded, which resulted in corrupting it when transmitting it to your server. Something I'll need to keep in mind. :thinking:

https://stackoverflow.com/questions/45337203/is-there-a-benefit-to-using-binary-data-for-an-http-post-request

1 Like
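The form-encoding question raised in the reply above, as an added example that is not part of the thread and is not CertSage's code: it shows what PHP recovers from a form-encoded POST body when a password is sent with and without percent-encoding, then compares the result with the stored file contents in constant time. The helper names, the temp file standing in for password.txt, the field name `password`, and the base64 sample are assumptions or constructed values.

```php
<?php
// Added example, not CertSage's code. Helper names, the temp file standing in
// for password.txt, and the field name "password" are assumptions.

// A password of the kind described above: base64 of random binary data.
function generate_password(int $bytes = 32): string
{
    return base64_encode(random_bytes($bytes));
}

// Constant-time comparison of a submitted value with the file contents.
function password_matches(string $file, string $submitted): bool
{
    $stored = file_get_contents($file);
    return is_string($stored) && $stored !== '' && hash_equals($stored, $submitted);
}

// The value PHP recovers for one field of a form-encoded POST body
// (empty string when the field is absent or not a plain string).
function field_from_body(string $body, string $field): string
{
    parse_str($body, $fields);
    $value = $fields[$field] ?? '';
    return is_string($value) ? $value : '';
}

$file = tempnam(sys_get_temp_dir(), 'pw');
$candidates = [
    'custom password quoted in the thread' => "Zg)=@rYyj%'>&^DNAD^7",
    'constructed base64 sample'            => 'q+8/Zw8xk+A=',
    'freshly generated'                    => generate_password(),
];

foreach ($candidates as $label => $password) {
    file_put_contents($file, $password);

    // Sent without percent-encoding: '&' ends the field, '+' decodes to a
    // space, and a '%' not followed by two hex digits is kept literally.
    $raw = field_from_body('password=' . $password, 'password');

    // Percent-encoded, as a browser does when it submits a form.
    $encoded = field_from_body('password=' . rawurlencode($password), 'password');

    printf("%s\n  raw:     %s (match: %s)\n  encoded: %s (match: %s)\n", $label,
        var_export($raw, true), var_export(password_matches($file, $raw), true),
        var_export($encoded, true), var_export(password_matches($file, $encoded), true));
}
unlink($file);
```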

That's a great sign! :partying_face: