Please fill out the fields below so we can help you better.
My domain is: see below
I ran this command: n/a
It produced this output: n/a
My operating system is (include version): n/a
My web server is (include version): Linux
My hosting provider, if applicable, is: Blacknight
I can login to a root shell on my machine (yes or no, or I don’t know): No
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes
I’m moving a wordpress.com blog to self-hosted. I understand that wordpress.com is using LetsEncrypt to provide ssl certs for sites hosted with them now. I don’t need an ssl cert for the blog, but I don’t want users to get errors trying to access it on the new hosting. What’s the best approach? Can I generate a new cert when the blog is up and running on the new hosting, or will I need to get a copy of the existing cert from Wordpress and install it on the new hosting?
I guess you’re using their shared hosting, since you say you don’t have root access? Blacknight provides the following information about using Let’s Encrypt certificates on their shared hosting:
So it would seem that you can use a Let’s Encrypt certificate - but only on one specific shared hosting plan, where you have to install it manually through their control panel, and they won’t do anything to help you obtain or renew it.
I don’t know exactly how wordpress.com’s offering works, but I doubt they’ll allow you to download the private key for your existing certificate. However, if you get a new certificate from Let’s Encrypt (or any other CA for that matter), that should work just as well for preventing your users from experiencing errors.
If you want to obtain a new Let’s Encrypt certificate before setting up the new hosting, you could do so by using the DNS-01 challenge. This challenge works by asking you to create special DNS records to verify your ownership of the domain. How exactly you do this depends on which client you use; with Certbot, it looks something like this:
certbot certonly --manual --preferred-challenges dns
I’ve tested setting up a Let’s Encrypt certificate for another site on Blacknight shared hosting (in a different account) so I’m happy that will work. I wasn’t entirely clear on whether I could set up a brand new ssl cert for a site when there was already an existing cert on wordpress.com though. I don’t mind a bit of downtime during the migration.
