Confused about how to create auto renew for SSL certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: rogerwoolger.org

I ran this command: na

It produced this output: na

My web server is (include version): I don't understand how to find this

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: tsohost.com

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes cPanel, where do I find the name?

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I am sorry I do not understand techy language. I can follow step by step instructions. I did some months ago install an SSL certificate, then I had to move my account to a different package in tsohost, and now I do not know how to install automatic renewal of the SSL certificate.

I have gone to CertSage to get a new SSL certificate and it states - urn:ietf:params:acme:error:unauthorized
199.59.243.200: Invalid response from http://rogerwoolger.com/.well-known/acme-challenge/i4og19dP3Sqr2Yer_kBQk-qQwIsj7phfrDrzWsY2CrA:
Any help with what I do now?

1 Like

There is no autorenew for you. If you like shared hosting, you should look for a company that gets a certificate automagically for you. There are several.

Right now, I think your best bet would be enrolling in Cloudflare, enabling their CDN, and installing one of their origin certificates on your server.

1 Like

can you help with this -

1 Like

Hi again :slightly_smiling_face:

I'm noticing both a .org and a .com here. Are you entering .com into CertSage when you should be entering .org?

2 Likes

Cloudflare terminates TLS/SSL and thus decrypts all of its clients' traffic, thus acting as a man-in-the-middle. Some people (myself included) don't want to be in bed with Cloudflare in this way.

2 Likes

Neither do I, but they provide a valuable service.

I can like them or not but I still trust them more than a random shared hosting provider, if somebody has to have my keys.

2 Likes

The hosting provider still needs to have the private key for the backend server in order for SSL to work. In the case of Cloudflare Origin CA certificates, BOTH Cloudflare AND the hosting provider have the private key for the backend server, not that it much matters since Cloudflare already has decrypted copies of all traffic anyhow. TSOHost is owned by GoDaddy, one of the largest hosting providers on Earth.

2 Likes

I wouldn't trust GoDaddy either, but in the end it's a matter of threat model: TLS is usually meant to protect your users, not you. It doesn't matter if Cloudflare or GoDaddy have your keys, it's in-transit interception you usually want to avoid.

2 Likes

Fair enough. I've been a GoDaddy user for decades and have never heard of them having a breach, but to each their own. :wink:

3 Likes

I don't know them from a technical standpoint. But their marketing and business practices just irk me too much.

2 Likes

You're not alone in your feelings there. :upside_down_face:

2 Likes

Hi, yes, you are right. I have redone the CertSage and this is OK. Now how do I renew, then, as the file certsage.php is already in the website? Thanks.

2 Likes

The "renewal process" is simply acquiring a new certificate and installing it into cPanel in the exact same way you originally did. You're just replacing the expiring certificate and its private key with the new certificate and its private key. If you already have certsage.php installed, great! You don't need to install it again. Just use it! :slightly_smiling_face:

CertSage should overwrite any existing certificate and its private key in the CertSage folder with the new certificate and its private key. Once that's done, you just need to install those into cPanel.

3 Likes

Right now it looks like a default, self-signed (snake oil) certificate is installed for rogerwoolger.org.

2 Likes

Hi, not sure what that means, but it does not sound good. I find it hard to know where actually to go, as all the websites are under one primary domain. Under the cPanel, which is for a primary domain, I am not sure why the certificates are being listed in the primary file and not the domain rogerwoolger.org?

1 Like

It looks like you got a new cert for the .org site several hours ago. Are you still having trouble accessing that site securely?

Note to other volunteers: The site is sending the "short chain" (R3) so possibly that hosting service has that as default.

I see your .com site is using an ECDSA cert chain (E1) and expires in less than 3 weeks. It is unusual to have that kind of cert from a hosting service. You should work with them to ensure that cert is updated too.

3 Likes

Hi, I have managed to cert the rogerwoolger.org site, but I am having issues with my other website regresyondmp.com. I have successfully got the certificate from CertSage, but when I go to the cPanel nothing is there except for the old certificate I uploaded in Jan this year. Any ideas of where and what to do? Is it because of too many folders called cert?

1 Like

FYI to all:
.com and .org are being hosted at two separate IPs:
[we can ignore that .com within this thread]

Name:    rogerwoolger.org
Address: 92.205.8.227

Name:    rogerwoolger.com
Address: 199.59.243.200

3 Likes
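The .com/.org mix-up spotted earlier in the thread can be read directly from the ACME error text and the two addresses posted above. The following Python sketch is an added example (not part of any post and not CertSage code); `diagnose`, `ERROR` and `LOOKUPS` are names invented here, and the inputs are copied from the thread.

```python
import re
from urllib.parse import urlsplit

# Error text as quoted in the thread (token left exactly as posted).
ERROR = (
    "urn:ietf:params:acme:error:unauthorized\n"
    "199.59.243.200: Invalid response from "
    "http://rogerwoolger.com/.well-known/acme-challenge/"
    "i4og19dP3Sqr2Yer_kBQk-qQwIsj7phfrDrzWsY2CrA:"
)

# Name -> address pairs as posted in the thread's lookup output.
LOOKUPS = {
    "rogerwoolger.org": "92.205.8.227",
    "rogerwoolger.com": "199.59.243.200",
}

# "<address>: Invalid response from <url>:" is the shape of the quoted line.
PATTERN = re.compile(
    r"^(?P<ip>[0-9a-fA-F.:]+): Invalid response from (?P<url>\S+?):?$", re.M
)


def diagnose(intended_domain, error_text, lookups):
    """Compare what the CA actually validated with what was intended."""
    m = PATTERN.search(error_text)
    if m is None:
        raise ValueError("no 'Invalid response from' line found")
    parts = urlsplit(m["url"])
    validated = (parts.hostname or "").lower()
    intended = intended_domain.lower()
    findings = []
    if not parts.path.startswith("/.well-known/acme-challenge/"):
        findings.append("not an HTTP-01 challenge URL")
    if validated != intended:
        # The name typed into the client differs from the site being secured.
        findings.append(f"challenge was for {validated}, not {intended}")
    expected_ip = lookups.get(intended)
    if expected_ip and m["ip"] != expected_ip:
        # The CA fetched the token from a server that does not host the site.
        findings.append(
            f"validation reached {m['ip']}, but {intended} is at {expected_ip}"
        )
    return {"validated_host": validated, "ip": m["ip"], "findings": findings}


if __name__ == "__main__":
    for line in diagnose("rogerwoolger.org", ERROR, LOOKUPS)["findings"]:
        print(line)
```
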

Maybe the latest cert is in the CertSage folder right under public_html? (just a guess)

3 Likes

If you go to the file manager in cPanel and edit the certsage.php file located in the webroot folder of whichever domain is of interest, you will find a dataDirectory variable at the top inside the certsage.php file that will indicate where the relevant CertSage folder is located relative to that webroot folder. By default, the CertSage folder is located in the parent folder of the webroot folder where certsage.php is located.

4 Likes