I’m putting up another website. However it’s a shared hosting plan with cpanel. I used the letsencrypt plugin on cpanel to create a certifcate. It appears the certificate was issued. The problem is i haft to type “https://” in front of my domain. How can I set up my domain so that the certificate just appears without the user having to type “https://” ? Within Cpanel?
I was also wondering if I could use auto renew within cpanel? Should I run cron jobs in cpanel to auto renew my certificate?
Create a redirect from the http:// version to the https:// as explained here:
https://documentation.cpanel.net/display/ALD/Redirects
It is important to ensure the wildcard redirect option is turned on otherwise you may experience issues with validation later on.
You should also enable HTTP Strict Transport Security to speed up and further secure repeat visitors connections as explained by this cpanel host:
This is great, but please understand that this is committing to always use HTTPS (if you stop using it, the site will be broken for many visitors for a period of time and they will not be able to get their browsers to load the site at all).
We would like every web site to use HTTPS all of the time, but I'm still reluctant to suggest HSTS to someone who is just using HTTPS for the first time without at least explaining that it is committing to make use of HTTPS mandatory for that particular site.
Sorry I missed this question before. Yes, you should absolutely auto renew, since Let's Encrypt certificates expire every 3 months. I believe the cpanel Let's Encrypt integration enables this by default; please leave it on.
You would only need to create a cronjob manually if you're using a program like Certbot instead of the cpanel integration and you downloaded it directly from their website or GitHub instead of installing it with a Linux package manager.
TBH once you start redirecting from HTTP to HTTPS you're already in this situation: some number of users will have the https version of your site in their histories or bookmarks and just dropping HTTPS one day will break them, HSTS or not. HSTS just makes it universal and permanent.
I will remember to warn explicitly in the future, still.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.