Author of CertSage here.
While CertSage has some optimizations for cPanel, you can use it in pretty much any webhosting scenario, possibly with a little tweaking. I've included some guidance for WordPress in the official release pages in this community. (See @_az's link above, which points to the latest official release and information.) You don't need to wait (and probably shouldn't wait) until your site is fully formed to get your production cert. If you were able to successfully acquire a staging cert then you are almost guaranteed to be able to successfully acquire a production cert. Let me know if you run into any trouble.
I tried the staging first. It said successful. Then today I requested the production one and followed the steps up to updating of contact and all said successful. But still showing Not Secure. I went to the .crt to edit but it's all encrypted.
Also, in the Domains to Force to https redirect, the button is grayed out and an alert says there is none or the SSL is not valid.
Please advise what to do next.
When I open the .crt (or even the key files) what I see is starts with
Did you install your production certificate into cPanel via the button on the main page of CertSage?
Yep. That's PEM format as it should be. The "header" and "footer" lines are called the "armor". The seemingly-encrypted block inside the armor isn't actually encrypted. It's Base64-encoded DER, not that you need to know or understand what that means to succeed here. I'm merely providing deep information should you (or anyone who comes along) wish to know more. The information and tools that follow are enough to bring anyone up to nearly an expert level when it comes to certificates. Please don't feel that you need to absorb it all.
Per the chain of trust, there are actually three certificates in the following order in your .crt file:
- Your leaf (aka subscriber) certificate
- Let's Encrypt's R3 intermediate certificate
- Let's Encrypt's ISRG Root X1 root certificate signed by IdenTrust's DST Root CA X3 root certificate
Should you wish to view the information contained in any of these certificates, you can use the following tool:
Should you wish to inspect the certificate service of a website, you can use the following tool (where port 443 is HTTPS):
I've just posted a slightly more extensive article here:
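The PEM structure described in the post above, as an added example that is not part of the original thread or of CertSage: a splitter that strips the armor, Base64-decodes each block, and checks that the result is one complete DER SEQUENCE. The function names and the sample bundle are assumptions; the bundle is constructed from placeholder bytes and does not contain real certificates.

```python
import base64
import re

# Armor lines: -----BEGIN <label>----- ... -----END <label>-----
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.DOTALL)

def der_total_length(der: bytes) -> int:
    """Return the full length (header + content) of the outer DER SEQUENCE."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    first = der[1]
    if first < 0x80:                 # short form: length fits in one byte
        return 2 + first
    n = first & 0x7F                 # long form: next n bytes hold the length
    if n == 0 or len(der) < 2 + n:
        raise ValueError("bad DER length")
    return 2 + n + int.from_bytes(der[2:2 + n], "big")

def split_pem_bundle(text: str):
    """Return [(label, der_bytes), ...] in file order; reject truncated blocks."""
    blocks = []
    for label, body in PEM_BLOCK.findall(text):
        # Plain Base64 decoding recovers the DER bytes: no key is involved.
        der = base64.b64decode("".join(body.split()), validate=True)
        if der_total_length(der) != len(der):
            raise ValueError(f"{label} block is truncated or has trailing data")
        blocks.append((label, der))
    return blocks

def make_pem(label: str, content: bytes) -> str:
    """Constructed sample block: a DER SEQUENCE wrapping placeholder bytes
    (only the content sizes used below, under 128 or 256..65535, are handled)."""
    n = len(content)
    header = bytes([0x30, n]) if n < 0x80 else bytes([0x30, 0x82]) + n.to_bytes(2, "big")
    b64 = base64.b64encode(header + content).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return f"-----BEGIN {label}-----\n" + "\n".join(lines) + f"\n-----END {label}-----\n"

# Constructed bundle: three placeholder blocks standing in for leaf, intermediate, root.
SAMPLE_BUNDLE = "".join(
    make_pem("CERTIFICATE", name.encode() * 30)
    for name in ("leaf", "intermediate", "root"))

if __name__ == "__main__":
    for i, (label, der) in enumerate(split_pem_bundle(SAMPLE_BUNDLE), 1):
        print(i, label, len(der), "bytes of DER, first byte", hex(der[0]))
```

Run against a real .crt bundle, the same function reports the blocks in file order, and a key file shows up with a different armor label than CERTIFICATE.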
So I tried again. In the end where I have to force to https, it said cannot enable force redirect to https because my server is not configured to support it.
Is that the end of it other than confirming with namecheap that it is so? and that I have to pay for https?
Or is there something I missed along the line?
Thank you so much again.
I see DV for www.cardsetcetera.com but not for without www.
I only entered www... on the request for production cert.
Did that make the difference?
I cannot see that you've even acquired a production certificate for cardsetcetera.com, but it may not have been reported yet:
Once you have acquired a production certificate, you need to actually install that certificate into cPanel using the button on your CertSage page. Simply acquiring a production certificate does not automatically install it into cPanel.
You need to put both cardsetcetera.com and www.cardsetcetera.com in the domain name box (on separate lines) to acquire a certificate that covers both.
I see an expiration of 8/11.
On the Domain, it also said I cannot do the https because it was not issued via AutoSSL or the cert was not valid.
Did you get an error message from CertSage when you tried to install your certificate into cPanel?
Should I start over? I will include cardsetcetera.com
No error whatsoever. Very smooth.
Yes, please acquire a single production certificate covering both cardsetcetera.com and www.cardsetcetera.com then continue from there.
Thanks, will do. Have a good night.
You as well. Please let me know how it goes.
I think it's successful, but confused - if I enter https, there's no Not secure, but if I enter only www.... it's still showing Not secure. Both cardsetcetera.com and www.cardsetcetera.com are showing with valid certificates, expiring 8/12. Is that normal?
And now, I will have to work on the add ons.
They both now have correct redirects from HTTP to HTTPS, so if you don't see that for the www, you can try clearing your browser cache or force-reloading. It looks right to me in general.
Yes, it was pointing to https this morning, but not anymore.
I was about to do the same for the add-on and realized I should have added it from the get go (my SSL with namecheap had different expirations so I thought SSL are dedicated to one site only).
And then I realized my 2nd add-on domain was with GoDaddy. So I uninstalled the cert. Then I pointed my other domain with GoDaddy to namecheap.
Now I am about to start the request for SSL but I get an error saying it's private and I can't get through.
In the time I was waiting for GoDaddy to update the DNS, the only other change I made was update my user password for mySQL database and downloaded a theme. I didn't think that should make a difference.
Where/what should I look at this time? I don't mind the repetition however frustrating. I am learning.
Thank you so much for all the help.
I figured out that it's because domain is forced to https. I turned it off and used a different browser. I think I can proceed to do the main and add-ons.