Let's Encrypt certificate in a shared hosting Godaddy server?


#1

I’m following the tutorial https://fr.godaddy.com/help/install-a-lets-encrypt-ssl-apache-20245, but when I typed the command ./letsencrypt-auto --help I got the error : “sudo” is not available, will use “su” for installation steps… Sorry, I don’t know how to bootstrap Certbot on your operating system! You will need to bootstrap, configure virtualenv, and run pip install manually. Please see https://letsencrypt.readthedocs.org/en/latest/contributing.html#prerequisites for more info.


P.S: which su or which sudo doesn’t give any output, and $ cat /proc/version gives: Linux version 2.6.32-673.8.1.lve1.4.3.el6.x86_64 (mockbuild@build.cloudlinux.com) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-16) (GCC) ) #1 SMP Wed Feb 10 08:57:30 EST 2016
And my server is using
Python 2.6.6
Apache


#2

Edit: It seems the version string is about GCC and this might be RHEL 6, so feel free to ignore most of what I said below. :blush:

If I’m parsing that correctly, that host is running RHEL 4. Certbot only supports RHEL 6 and 7.

RHEL 4 was first released in 2005 and has stopped received even critical security updates in early 2012. I would definitely recommend upgrading to a more recent release or switching your hosting provider if that’s not possible.

You might have some success with one of the alternative bash clients which have almost no dependencies, but with a distribution that old, even those clients (which usually run everywhere :smile:) might run into problems.


#3

To clarify - you’re mentioning this is shared hosting. Do you have root access? The client will definitely need root access in order to install dependencies and change configuration files.

The bash clients might work without root, but you’d have to manually configure your web server to make it use the certs. The instructions for that would depend on your web hosting provider, so you’d have to check the documentation or ask support.


#4

Are you absolutely sure your “shared” hosting supports third-party SSL certificates at all? https://uk.godaddy.com/help/does-godaddy-support-third-party-ssls-on-its-products-3983

The instructions you are following could be for VPS for example.

If you can’t install a client, you could for example use the in-browser client on https://ZeroSSL.com, but if third-party SSL is not supported on your plan at all, that won’t help either.


#5

yes it supports third-party ssl certificates.(cPanel Shared Hosting)


#6

No shared hosting doesn’t allow root access.


#7

Do you have a dedicated IP? They are a bit vague about that, though I’m leaning towards “it’s not necessary” answer there after reading this bit:

“Get a Dedicated IP Address (Shared hosting only) – Though you don’t need a dedicated IP address to install an SSL on your cPanel account, having one ensures all visitors can successfully establish an SSL connection.”


#8

all I know is that I have an IP address that I entered in Putty to connect to my server.


#9

Many alternative clients won’t require root access. I believe certbot should not need that either in “certonly” mode, but I might be mistaken about that, since I’m not using it. You should be able to get a certificate, it’s just means the client won’t be able to re-configure the server for you to use it.


#10

can I use this tutorial : https://www.kosinix.com/install-lets-encrypt-certificate-on-shared-hosting/


#11

Certbot can run without root, but the installations adds various dependencies via yum install, so in practise you won’t be able to use it without at least having root during installation (unless your OS just happens to have all the dependencies already).

@leo10: The manual plugin used in that guide would work, yes. Note that you’ll need to repeat this procedure manually at least once every 90 days to renew the certificate.


#12

is this the only way for me to install LE certificate ?


#13

With your current hosting provider, probably yes. Future releases of cPanel will include a plugin that allows one-click provisioning of certificates through Let’s Encrypt, but this won’t necessarily be enabled by all hosting providers (as some of them resell SSL certificates :smile:).

There are a number of web hosting providers with integrated Let’s Encrypt support, in case switching is an option for you.


#14

Then you may have a try on https://acme.sh


#15

I saw the site, and here’s what I understood: 1- connect to my server using ssh.
2- install acme in the server.
3 -issue a cert
4-Install issued cert to apache/nginx etc. /* I have Apache so ? */
The end?
P.s: what about these lines :
The installer will perform 3 actions:
Create and copy acme.sh to your home dir ($HOME): ~/.acme.sh/. All certs will be placed in this folder.
Create alias for: acme.sh=~/.acme.sh/acme.sh.
Create everyday cron job to check and renew the cert if needed.


#16

Yes, you are right.

But I’m not familiar with Godaddy host, I doubt that you will need to install cert manually.


#17

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.