Paragon Internet Group t/a tsoHost UK - Lets Encrypt NOT Working?

Have been using Lets Encrypt Free SSL with the above web hosting company for several years now.
Never had problems before!
If the certificate didn’t auto renew, a quick visit to the control panel soon allowed it to be done manually.

But now on their cloud servers there is an issue and when trying to renew the certificate manually (as they are not renewing automatically, I get this error notice after trying to install the new certificate:
Sorry, something went wrong. Please try again or contact support. Try removing the .gridhosted.co.uk aliases (domain preview) if enabled.

Upon contacting support they gave no help and just referred me to a status page of theirs where it states:

Cloud Let’s Encrypt issues

Updated Jul 8th, 08:49 BST

Update We have also noticed that the same issue affects some of our VPS servers as well. Our administrators are informed about it and they are working on resolving the issue as soon as possible. Please accept our apologies for the caused inconveniences.

Support then tried selling me a SSL certificate and would not offer any other help or advice on this issue.

Looking forard to somebody knowing about this situation, as it has affected two of my sites so far and have had to point them to ‘Cloudflare’ to be able to use their free SSL service. But cannot of course get end to end encryption, only a Flexible SSL where it encrypts traffic between the browser and Cloudflare.

Is there an issue between Lets Encrypt and Paragon Internet Group t/a tsoHost UK , or are they somehow blocking Lets Encrypt to see add on SSL’s???

1 Like

Hi @sanctre

read

Everyone can create Letsencrypt certificates. There is no special “contract” or agreement with Letsencrypt required.

So if your hosting company has used Letsencrypt certificates and now it doesn’t work, it’s a problem of that hosting company. They have to fix it. Or change your hoster.

2 Likes

Hi Juergen,

Thank you for your reply.
I specifically named the hosting company to try and evaluate if anyone else in this ‘community’ has experienced this problem.

As their latest update was 15 days ago as follows:

“We’ve identified an issue that will affect Let’s Encrypt certificates and their provisioning process.
Our developers are aware of this and are working on resolving this as soon as possible.
Apologies for the inconvenience caused”.

So I was wondering, how this issue has ‘suddenly’ manifested, as there has been no problem over the years that they have had Lets Encrypt on the dashboard of the Control Panel.
And indeed how difficult is this problem to resolve!?..
Support will say nothing, except refer you back to this status update and I am wondering if this is a self created issue by Paragon Hosting Group UK, to sell SSL’s rather than have the facility of Lets Encrypt?

How could the ‘provisioning process’ be causing this issue?..

1 Like

It’s a problem of that company, nothing else.

May be they have used ACME-v1, that’s deprecated, now they can’t use it with new domains. So they must implement ACME-v2 (that exists 2 years).

Or another problem, that’s completely speculative.

There are thousands of companies using Letsencrypt without problems. If some companies have problems, that’s their problem they have to fix.

2 Likes

This isn’t a Cloudflare promotional site, but just to clear something up: Cloudflare can help you here if you trust them in the middle. They can issue you a certificate only they trust (they call this a “Cloudflare Origin” certificate), and then there are two separate TLS paths, one from Cloudflare to you (using the certificate they issued to you) and another from your visitors to Cloudflare (using publicly trusted certificates Cloudflare obtained under a bulk deal they have). Nobody other than Cloudflare who are now in the middle, can snoop on these connections.

So this is Full SSL Strict mode, much better than Flexible - but it does require you to trust Cloudflare and I understand if that’s not something you’re comfortable with.

Hi Tialaramex,

I do not understand what your reply is about.
My sites remain on the servers on Paragon Hosting UK, but have pointed them to Cloudflare and the only SSL option open to me is Flexible, as there is no possibility of set ting up a Lets Encrypt certificate on the server (Paragon)

I think @tialaramex was thinking that you were the administrator of your servers and could freely change their configuration. It sounds to me like you are not the administrator and you rely on Paragon for major configuration or software changes on the server.

I’m also experiencing the exact same issues with a website hosted with tsoHost and stumbled upon this forum after doing a google search. For some time now the SSL certificate would not renew automatically and I’ve had to manually initiate this action in their control panel, however, when I tried today it came up with that error message.

I fully believe the issue is with TSOhost’s control panel and not with Let’s encrypt. They’ve posted an update 4 hours ago stating that they’ve resolved this problem on their VPS but not their cloud hosting platform. Hopefully they’ll fix it soon otherwise I’d look to migrate my website to another provider.

Hi dkumar,
This is exactly why I posted to this forum - So I am happy you have seen it.
Little wonder they have resolved the issue on their VPS - But I do believe it will NOT be revolved on the cloud.
I have had a reseller account with them for 5 years now and their service was one of the best around.
But it’s obvious to me that they wish to wish to finish the cloud hosting. They do not actively sell the product anymore it’s all Cpanel.
On top of the reseller fee I pay, I have had to pay them extra for a mail relay service, due to them being black listed with Microsoft for well over a year now and cannot resolve it!
Now this with the SSL! - it is causing me much trouble with my clients and I am now looking to move to Bluehost.
When I challenged support about this issue the other day on live chat, all they were interested in was up-selling me their own SSL certificates, which are not cheap.
They ‘apologise’ of course, but do not realise how difficult it is these days for self employed to carve a living, especially here in Spain with web development and hosting.
This is a deliberate attempt to disrupt services so people will in fact close the accounts and either take out VPS with them or move hosts - They don’t care, especially since they were taken over by Godaddy. TSO is their trading name and Paragon is a Godaddy company now! :frowning:

With regard to this problem, I decided to raise a ticket, rather than keep trying to talk to their agents on Live Chat:

here is the answer that TSO / paragon Hosting have supplied regarding the problem and I would be happy to hear from anyone in the Lets Encrypt Community if this is actually true:

TSO RESPONSE:
“The real issue is that Let’s Encrypt has removed the support for one of their algorithms, in their latest updates, which our LE service was based on, so our developers would need to create a new API from the scratch, this is exactly why, the problem’s resolution is taking so long”…

That’s my older speculation:

They had 2 years to do that.

The ACME-v2 API started 2018.

2 Likes

They do not have to start from scratch, they can modify the code of the previous client.
And it should not take so long, I patched my client from ACMEv1 to ACMEv2 in one day.

Thank you for your thoughts and indeed script, I have forwarded this to TSO - I will keep you updated

Hi @sanctre

I’ve just logged into my TSOhost cloud control panel and have successfully managed to renew the SSL certificate for my domain. It seems as though they have now resolved the issue at their end, so would suggest you try this and see if it now works for you.

All the best, Dev

1 Like

Hi @dkumar thank you, git it all sorted out now that they have done their coding ! :slightly_smiling_face:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.