Steps to install SSL to Namecheap cPanel?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: cardsetcetera.com, sub - sweetstinkers.com, there will be a 3rd one not hosted yet.

I ran this command:

It produced this output:

My web server is (include version): server62.web-hosting.com

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Namecheap

I can login to a root shell on my machine (yes or no, or I don't know): I don't think so, I don't know.

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes - cPanel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I have no idea what certbot is.

Hi @tita1cez, and welcome to the LE community forum :slight_smile:

Have you asked at NameCheap?

5 Likes

Yes, they said they allow but do not have it installed. That I am welcome to install it. I have no clue where to start other than knowing I can get it from here.

Here's the reply from chat.
The Let's Encrypt certificates can be surely installed on our hosting plans. However, we do not have any tools that can install/implement their certificates. Thus, they should be obtained from the provider directly and installed manually.

Try CertSage ACME client (version 1.4.1) - easy webpage interface, optimized for cPanel, no commands to type, root not required.

7 Likes

And they did not point you to a PDF or online instructions???
How?

5 Likes

Thank you! I am trying it right now.

2 Likes

I got the staging key showing in the CertSage directory. It took me awhile as I changed my main domain and troubleshoot why not working (was pointing to wrong server).
But my website is not up yet, so I should wait before I acquire production key?
At this point I really have no idea what to see. I received notification that my SSL was to expire but that's for the previous main domain. This new main domain never had SSL as it wasn't hosted.
I am looking at using Wordpress. If I cannot make a go of it, I'd look at Shopify. Will the process be the same?

1 Like

Author of CertSage here. :slightly_smiling_face:

While CertSage has some optimizations for cPanel, you can use it in pretty much any webhosting scenario, possibly with a little tweaking. I've included some guidance for WordPress in the official release pages in this community. (See @_az's link above, which points to the latest official release and information.) You don't need to wait (and probably shouldn't wait) until your site is fully formed to get your production cert. If you were able to successfully acquire a staging cert then you are almost guaranteed to be able to successfully acquire a production cert. Let be know if you run into any trouble.

4 Likes

Hello again,
I tried the staging first. It said successful. Then today I requested the production one and followed the steps up to updating of contact and all said successful. But still showing Not Secure. I went to the .crt to edit but it's all encrypted.

Also, in the Domains to Force to https redirect, the button is grayed out and an alert says there is none or the SSL is not valid.

Please advise what to do next.

Thank you.

2 Likes

When I open the .crt (or even the key files) what I see is starts with
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISBCySK/ReslONR70NnCYbb0xpMA0GCSqGSIb3DQEBCwUA

---END CERTIFICATE-----

2 Likes

Did you install your production certificate into cPanel via the button on the main page of CertSage?

4 Likes

Yep. That's PEM format as it should be. The "header" and "footer" lines are called the "armor". The seemingly-encrypted block inside the armor isn't actually encrypted. It's Base64-encoded DER, not that you need to know or understand what that means to succeed here. I'm merely providing deep information should you (or anyone who comes along) wish to know more. The information and tools that follow are enough to bring anyone up to nearly an expert level when it comes to certificates. Please don't feel that you need to absorb it all. :slightly_smiling_face:


Per the chain of trust, there are actually three certificates in the following order in your .crt file:

  1. Your leaf (aka subscriber) certificate
  2. Let's Encrypt's R3 intermediate certificate
  3. Let's Encrypt's ISRG Root X1 root certificate signed by IdenTrust's DST Root CA X3 root certificate

Should you wish to view the information contained in any of these certificates, you can use the following tool:

https://redkestrel.co.uk/products/decoder/


Should you wish to inspect the certificate service of a website, you can use the following tool (where port 443 is HTTPS):

5 Likes

I've just posted a slightly more extensive article here:

5 Likes

So I tried again. In the end where I have to force to https, it said cannot enable force redirect to https because my server is not configured to support it.
Is that the end of it other than confirming with namecheap that it is so? and that I have to pay for https?
Or is there something I missed along the line?

Thank you so much again.

1 Like

I see DV for www.cardsetcetera.com but not for without www.
I only entered www... on the request for production cert.
Did that make the difference?

I cannot see that you've even acquired a production certificate for cardsetcetera.com, but it may not have been reported yet:

Once you have acquired a production certificate, you need to actually install that certificate into cPanel using the button on your CertSage page. Simply acquiring a production certificate does not automatically install it into cPanel.

5 Likes

You need to put both cardsetcetera.com and www.cardsetcetera.com in the domain name box (on separate lines) to acquire a certificate that covers both.

5 Likes

I see an expiration of 8/11.
On the Domain, it also said I cannot do the https because it was not issued via AutoSSL or the cert was not valid.

Did you get an error message from CertSage when you tried to install your certificate into cPanel.

4 Likes