I might have a bit of a tricky question. I recently opened up a blog on wordpress and linked it to the domain www.tagungkunstvermittlung2021.de from ionos 1&1. However I couldn't get any SSL-Certificate although I purchased one by DigiCert at ionos 1&1, but they told me it wouldnt work. Then I wrote to wordpress asking them what to do. Next day I hat a Let's encrypt certificate showing up in my webbrowser - BUT HOW? who purchased it? who payed for it? i am very confused and don't know how to find out how this worked out.
Hi liz,
I guess wordpress got the certificate from letsencrypt. As letsencrypt certificates do not cost anything nobody payed for it. It seems wordpress is managing your site and therefore has control over what certificates they use. I can't tell you why your Digicert certificate isn't supposed to work but they probably used the letsencrypt one because it's easier for them to automate. The only disadvantage is that you paid for a cert you probably won't need. For a small blog having a digicert certificate isn't really necessary.
So the way you have your blog right now is fine. You might ask Digicert wether you can cancel your certificate.
Greetings
Phiwatec
And speaking more generally: When your website is hosted somewhere else, it's ordinarily best that the web host handle obtaining and renewing the Let's Encrypt cert--you shouldn't ordinarily need to be directly involved in that process.
I can help shed some light on your mystery. Only you, someone to whom you have given permission, or your hosting provider has the necessary access to install a certificate on your webserver. From the DNS records for tagungkunstvermittlung2021.de, it appears that you are using WordPress hosting:
Since you are directly hosting with WordPress, they have the necessary access to your webserver. They acquired and installed a Let's Encrypt certificate for your domain name, which was possible since the DNS A record for tagungkunstvermittlung2021.de is pointing to a webserver they control. I also suspect that you might have even registered your domain name through WordPress, though the underlying registrar is DENIC eG.
If DigiCert did in fact issue a certificate for tagungkunstvermittlung2021.de, it sure isn't showing up in the certificate transparency logs. If I were you, I'd request a refund from IONOS by 1&1.
thank you so much for your thoughts and replies! It helped me a lot to understand what was going on. I meanwhile canceled my order of the Digicert certificate (hoping it is not too late) and just got a reply from wordpress support (which i didn't get earlier because my mail didn't work) that they indeed managed the Let's enrcypt certificate. There where just too many factors messing it all up and adding to confusion!
Again, thank you so much for taking the time!! Best wishes, liz