Justhost shared cpanel install


#1

My domain is: mech-lock.com

I ran this command: no root access

It produced this output: n/a

My web server is (include version): apache 2.2.34

The operating system my web server runs on is (include version): red hat 4.8.2-15

My hosting provider, if applicable, is: justhost.com

I can login to a root shell on my machine (yes or no, or I don’t know): i can ssh, no root access

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): cpanel 70.0 (build54)

Is it possible to setup auto renewing certificates without getting a dedicated IP through justhost? I have autoSSL enabled, but still get “connection is not secure” in my browser. What is autoSSL?

Thanks for the help!

edit: after checking with this tool https://www.sslshopper.com/ssl-checker.html#hostname=mech-lock.com i get all green checks and it says everything is good… my browser (firefox) still gives me an error and not a green padlock… im confused :frowning:


#2

Check this out:
https://www.whynopadlock.com/results/9a0d0fa6-8537-4066-9c2b-9218e439bc67

Also, although you listed your web server version as: apache 2.2.34, SSLLabs shows your site signature as: nginx/1.14.0
See: https://www.ssllabs.com/ssltest/analyze.html?d=mech-lock.com

The good news is even though I’m not familiar with just host, you do have a current LE cert and LE should work well with cPanel. So, maybe a quick chat with the folks at just host will clear up how you can get that renewed automatically.


#3

Yeah I noticed the nginx response from the other site too. That is very interesting because on cPanel it says that I am running that version of apache.

From the response on whynopadlock it seems as if I just need to redirect all http to https and I’m golden. It is just a few of the images are sourced from http and it throws an error.

I think the autoSSL within cPanel will take care of my renewal automatically.


#4

So as it turns out the autoSSL from cPanel was working fine. That is a great tool! It is a bit concerning that it was just rolled out automatically and nobody was really told… but the end result is a good thing.

My problem, as pointed out by the whynopadlock link, was that some of the images were still linked as http not https and I got a mixed content error. This was due to my wordpress theme and a quick google search pointed me towards a find and replace tool (better search replace) with which i searched all my wp tables for http://mech-lock and replaced it with https://mech-lock. I also added a 301 redirect to my .htaccess file to permanently redirect all http requests to https.

Everything seems to be working now! Thanks for the help.


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.