Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: none yet – although I tried clicking on "fill in automatically" – and then some text came up but there was a warning that it would be a weak certificate as it was self-signed
It produced this output: none (some text as mentioned above)
My web server is (include version): I don't know
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is: DomainFactory
I can login to a root shell on my machine (yes or no, or I don't know): I don't know
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I don't know (im logged in a cPanel but I see no version)
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): N/A
Thanks Dan. That's more of an FAQ how SSL works with DF in general. New orders/contracts get free SSL included but my account was migrated to a new plan and there is no SSL included (even though there was at least one included before). I had support on the phone and the lady pointed me to the cPanel were I can install a certificate but I need to fill out text fields with "CRT", maybe "Private Key" and maybe "CABUNDLE". When I hit "fill out for your domain automatically", some text appeared in the first to text boxes but there was a warning for the first box as it said "self-signed is weaker". It feels like my other domain (that already has a SSL is "self-signed" as well though).
Thanks everyone. That worked!
One subdomain failed but I don't use it at the moment.
Also, am I meant to keep the password.txt and re-use it for renewal or will it be the exact same process and I overwrite the certsage.php and get a new password then?
One last question, I just bought a new domain but it isn't showing up yet in the root domain... Is it because I haven't connected it to content yet? This time it won't be WordPress or Webflow but GoHighLevel as the system.
You should keep certsage.php and its data directory and contents intact for renewals. You might want to read the following for additional knowledge and handling multiple domain names:
I'm not exactly sure what you mean by your last question. Did you add your domain name to cPanel?
Thanks for clarifying, Griffin. It seems like my latest domain has already SSL included. I still wonder why there is no folder for this new domain on the cPanel but as long as everything works, I'm happy. Thanks for the excellent support.
Since you're using DomainFactory as your hosting provider, I think they offer cert management through their control panel.
Many hosting providers offer Let’s Encrypt certificates for free. If DomainFactory doesn’t support Let’s Encrypt or automatic SSL installation then you need to get one from a third-party vendor.
Once you have it, install the certificate via cPanel's SSL/TLS Manager. After installation, you can verify the certificate by using https://certera.com/ssl-tools/ssl-checker.
No, there are other ways to get Let's Encrypt certs without paying for them from a third-party. In fact, @griffin is the author of a tool to allow just that.
Given this comment and your referral to a (broken) tool on a website that sells certificates your post comes across like spam.
@MikeMcQ I agree with you on both the points. However, I do not have any affiliation with the provider. The reason I shared it here is that it's free. Qualys one is also good and I use it often.
Well, I don't know about "perfectly fine" but I do see some results now. It didn't when I posted. You can see the error message on the bottom of the pic I included.
I spot-checked a couple domain names and had other problems. A domain that started with a number was rejected as invalid. Another domain that has port 443 blocked doesn't show any error message or data. I don't plan to put this one in my fave toolkit We're now getting pretty far off-topic.
We're now getting pretty far off-topic.