I’m looking to generate and SSL certificates using certbot in manual mode and then send these to my web hosting provider. I just need some more detailed instructions of how to do this as outlined in the Manual section of the certbot user guide: https://certbot.eff.org/docs/using.html#manual
I ran this command: n/a Still trying to get certbot installed for manual use only
It produced this output: n/a
My web server is (include version): Internetse is hosting my website and Email services on their own servers ns1.tba.net and ns2.tba.net
The operating system my web server runs on is (include version): I don’t know. My hosting provider says:
“If you wish you can get it [SSL certificate] from anyone and send it to us and we will install it for you for free because we don’t provide SSH access, but you must do all the preparation work yourself which will be easy if you have good technical knowledge with the certificate installation.
Please send the certificate in PFX file includes the certificate and the key and the password.”
I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know. I have a Mac I can run a Terminal session.
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I’m using wordpress as provided by internetse to edit my website.
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): not dowloaded or installed yet.
Before you start down this path, do you understand that you will need to repeat this entire process of emailing your provider at least every 90 days, as the certificates from Let's Encrypt only have a duration of 90 days?
If your hosting provider doesn’t want to integrate Let’s Encrypt, but does support uploading custom certificates, you can install Certbot on your own computer and use it in manual mode. In manual mode, you upload a specific file to your website to prove your control. Certbot will then retrieve a certificate that you can upload to your hosting provider. We don’t recommend this option because it is time-consuming and you will need to repeat it several times per year as your certificate expires. For most people it is better to request Let’s Encrypt support from your hosting provider, or switch providers if they do not plan to implement it.
If you're set on doing it the hard way, you don't necessarily have to use Certbot. There's not much point installing it if you're doing it all by hand. You can use a website like Free SSL Certificates and SSL Tools - ZeroSSL to achieve the same thing, in a somewhat friendlier way.
Yes. If the website proves useful I’ll end up paying the provider to generate and install the SSL certificate, but right now I would like to get it up and running without the “non-secure” label with minimum investment.
I tried using the zerossi link and it seems really easy to follow. But got an error:
Invalid response from http://williamorme.com/69yygzzely4mw-134mqp0eoa8gh5qzflannqf2shngy/ [193.13.133.111]: "\n<html lang=“en-GB” class=“no-js”>\n\n\t<meta charset=“UTF-8”>\n\t<meta name=“viewport” content=“width=device-wi”
I’m guessing when I used Wordpress to create the text file it actually created an html file. Any idea how you can get a plain text file in to the root folder using WordPress? I was using Add New Page.
Generally you want to use the file manager that comes with your web hosting. Maybe FTP, maybe some kind of web control panel. Whatever was provided to you.
I don’t know whether you can directly upload files to arbitrary paths with WordPress - at least not without some plugins.
Thanks for your help. Internetse provide me with Wordpress to edit my website. I have asked them how I can upload the text files and they said send them to us, which I’ve now done.
I have installed the WP File Manager plug in, which from its description should allow me to upload files, but I can find the webroot directory for my website. It seems very strange that wouldn’t be accessible, but the plug in is not that intuitive for doing that and I haven’t found better instructions on line yet.
When my web hosting provider placed the text files in the required location I got an error from ZeroSSL below. Wondering if I should try DNS verification instead of HTTP?
I should add, I have tried with the Mac application Keychain Access, but can’t work out how to get the certificate and key in as it seems to only import .pfx or .p12 format files.
Thanks, I did start looking at this utility. The certificate and key files I have from ZeroSSL are both .txt files. Should I relabel them .cert and .pem? Or do these need converting first? Thanks.