Good afternoon!
I got through the entire https://gethttpsforfree.com process and all went perfectly thanks to help from pfg-Community Moderator. However, when testing my install SSLLABS gave me a “F” rating. I have a domain name mismatch.
[quote]Server Key and Certificate #1
Subject *.inmotionhosting.com
Fingerprint SHA1: 7bd56256975db204fe1e9bee6e27f58d47e12824
Pin SHA256: EehSgPmiZOYY3IoYZkZaM7eJyxB1CEpBRwlFV63nEIU=
Common names *.inmotionhosting.com MISMATCH
Alternative names *.inmotionhosting.com inmotionhosting.com
Valid from Mon, 24 Feb 2014 00:00:00 UTC
Valid until Thu, 23 Feb 2017 23:59:59 UTC (expires in 8 months and 12 days)
Key RSA 2048 bits (e 65537)
Weak key (Debian) No
Issuer COMODO RSA Domain Validation Secure Server CA
AIA: http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
Signature algorithm SHA256withRSA
Extended Validation No
Certificate Transparency No
Revocation information CRL, OCSP
CRL: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl
OCSP: http://ocsp.comodoca.com
Revocation status Good (not revoked)
Trusted No NOT TRUSTED (Why?)[/quote]
My website is vinyldecalsuperstore.com, hosted by inmotionhosting.com. I can see the problem, but don’t know how to correct it.
The certificate isn’t installed correctly on the server. How did you install it ? ( does it have a control panel of some sort that allows this ? or do you need to get the host to install it for you ? )
SSL certificates can only be installed by account owners on VPS or Dedicated Server accounts with root access. Otherwise, please submit a request to our live technical support team if you need an SSL Certificate installed.
Keep in mind that they might be charging extra for installing certificates for you when renewal time comes - we've seen an example of a hoster setting the price of this at $10 per installation already
Andy & Alexander - Thank you for quick replies.
I installed the certificate with the Apache instructions provided
[quote]Step 5: Install Certificate (see below)
Congratulations! Let’s Encrypt has issued you a certificate for your domains! Below is the signed certificate you can use for your website.
Apache installation instructions:
Copy and paste the below domain certificate into file “domain.crt”.
Copy and paste the below intermediate certificate into file “intermediate.pem”.
Copy “domain.crt” and “intermediate.pem” to /etc/ssl/certs/.
Copy “domain.key” /etc/ssl/private/.
scp domain.key root@foo.com:/etc/ssl/private/domain.key[/quote]
In my cPanel file manager, I created and edited the folders & files above. There was no mention of my CSR so I copied the one I created a few days ago when I tried installing certbot (but ran into access problems). Now that I’ve written this, I did not see any other reference in the gethttpsforfree.com instructions on locating/copying this CSR file and I know the text within and the name of the “certbot” csrs file couldn’t possibly match.
How can I match the CSR file name and contents to my domain.crt file? My hosting company charges $25 per installation. It would be $100 for a purchased cert plus install. Having them install a free one every 90 days would be almost as costly.
I’d rather learn ‘how to fish’, than pay the butcher every time.
My host requires they install SSL certificates, so LE won’t work for me there. Since I’m so very new to coding, I will continue as is and keep tracking this forum community as a learning tool. When I’m comfortable understanding what I’m doing I look into another hosting company.
Thank you everyone for your insights . And if anyone has a helpful beginners guide to coding, I’ll be thrilled to hear from you.
. And if anyone has a helpful beginners guide to coding, I’ll be thrilled to hear from you.