How to install lets encrypt via webhost

Hello Serverco,

If I do that - it gives the person an message when trying to access in https://. I do not want that because that is pretty annoying. :confused: any other recommendations? I came across this site: https://bugs.gentoo.org/show_bug.cgi?id=251047

Does this make any sense to you? It really doesn’t to me. Maybe I can use this somehow? I guess there is no way for me to edit it?

Also, does it matter where domain.key and account.key are stored?

I’m not suggesting all three of the stages in cpanel - just creating the private key and CSR (not the production of a self signed cert which you can do in cpanel )

The link you provide is all about certificates for email systems, so not really relevant,

No it doesn’t matter where the domain key and account key are stored ( as long as safely in your possession ). Do you have access to another linux box somewhere you could produce the keys on ?

Hello @sky,

Copy that file to /tmp for example and remove ${ENV::SAN}.

cp letsencrypt/examples/openssl.cnf /tmp/

Edit the file /tmp/openssl.cnf, remove ${ENV::SAN} and save it, you will get a file like this:

[ req ]
distinguished_name = req_distinguished_name
[ req_distinguished_name ]
[ san ]
subjectAltName=

Now execute again the command to generate the CSR but using /tmp/openssl.cnf, something like this:

openssl req -new -sha256 -key domain.key -subj "/" -reqexts SAN -config <(cat /tmp/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:ilovemusic.net,DNS:www.ilovemusic.net,DNS:ilovemusic.org,DNS:www.ilovemusic.org"))

Good luck,
sahsanu

Hi Serverco,

Thanks! I did it through cPanel like you mentioned. It worked. Thank goodness!!

Now I am a little confused about part 4.

I am having trouble logging in as sudo. I thought my account was sudo - but it is giving me this: sudo: effective uid is not 0, is sudo installed setuid root?

How can I make my user sudo? Is it possible to do via cPanel?

I tried both options (python server and file-based) and I am not having any luck because I am not sudo. :frowning:

I can see it… I am almost there but no cigar.

Hi Sahsanu,

Thanks for the reply, but when I was proceeding on to the next one I missed this post.

I will definitely look at it some other time and play around with it to see if it works.

Thanks for all of your time.

You don’t need the sudo bit.

If you have got the certificate from the website successfully ( let me know if not) then you can add it info cpanel in the SSL/TLS Manager - “Generate, view, upload, or delete SSL certificates.” and you can just paste your certificate there.

Sorry, I just realised you said part 4. You don’t need sudo. You should have been given a file to display in .well-known/acme-challenge on your server