Got domain & CSR keys, whats next to deploy SSL?


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: http://tecnodiesel.com/

I ran this command:

It produced this output:

My web server is (include version): Apache

The operating system my web server runs on is (include version): Centos 7.3

My hosting provider, if applicable, is: http://neoclan.net/

I can login to a root shell on my machine (yes or no, or I don’t know): No

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No


#2

Hi @masclientest,

What kind of hosting environment are you using here and what kind of access do you have to administer the server?


#3

Hi Schoen, thanks for the help. Im a marketer not an IT guy, I call my hosting support team and they could only say my site doesn’t have cPanel and its in Apache. other than that they dont even knew what Let’s Encrypt is. I guess they want to spare the effort to figure out how to implement it in my site. So couold you help me otherwise I’ll need to buy a wildcard for $70. Thanks


#4

Let’s Encrypt is often inconvenient in hosting environments like this because you might have to do a frequent manual renewal and have frequent interactions with the support staff to get them to install your certificates.

You might want to try https://zerossl.com/, which is a web-based interface to obtain Let’s Encrypt certificates. You can use an existing CSR as part of this process and perform the validation steps inside your browser, although you’ll have to be able to post a file on your web site at a specific location or make a specific DNS TXT record in order to prove your control over your domain name. (That’s always a requirement when obtaining a Let’s Encrypt certificate, although for hosting providers with better integration or that allow you to have administrative access to your server, it can be much more automatic.)

At the end of the process, you can give the certificate file to the hosting provider and the provider can install it for you.

But you’ll have to repeat this process at least every 90 days, because that’s how long Let’s Encrypt certificates last. There’s never any charge for this service from Let’s Encrypt’s end, but your hosting provider can potentially impose a charge for its role in installing the certificate.

Many hosting providers have made this process somewhat easier:


#5

Thanks Seth. I’ll give zerossl a try. Talk to you later. Stay happy.