I am going to install Let’s Encrypt on cPanel for the first time. My WordPress website is in development. Hence, I haven’t created all of my web page URLs. I would like more information about securing sub-domains and additional web page URLs with Let’s Encrypt.
If I secure “www.example.com” and “example.com” will Let’s Encrypt consider I may have a forward slash after the TLD or do I need to secure each URL separately?
If the pages share the same domain (www.example.com/*), they will all be covered by the same certificate. However, if you change the domain or sub-domain (www.example.org or someotherthing.example.com), you will need to get a new certificate that covers those additional names. While you’re developing your site, it may be useful to consider all the domains/sub-domains you’ll need to secure so you don’t bump up against the Let’s Encrypt rate limits. I’d say securing www and the root (non-www) domains of your site is probably a good place to start. Regarding your question about renewing/adding additional domains, it’s pretty simple if all your domains point to the same server; all you have to do is request a new certificate using whatever ACME client you’re using.
Thanks for your response koluke. It is very helpful. Here is my understanding and some questions please.
Anything after .com/* with the same domain is covered by the same cert
Different domain’s or sub-domain’s need a different cert. – Is there a way I can have all of my URLs that use the same domain and have sub-domains use the same cert?
Yes, everything with the same host name is covered by the same certificate. Everything after the / is the path part of the URL
Not quite, but every host must have a certificate that is valid for that specific host name. One certificate can have multiple hostnames (one of the most common would be www.example.com and example.com). Let’s Encrypt lets you request up to 100 hostnames (this means unique subdomains and domains) per certificate.
koluke, I just thought of something that I needed clarification on. If you can kindly help me please.
Since everything after the / is covered by the same certificate, does it mean I don’t have to manually enter anything with “/” i.e. example.com/directory during setup?
Correct. in the first case you would just need a cert for example.com so only need to specify the one. in the second case you would need a cert for all 3 domains, so would need to specify all 3.
If you are doing this on the latest version of cpanel, with autossl, then it hould be able to handle all this automatically for you.
Thanks serverco. I need to check what version of cPanel I am using. I am with GoDaddy, shared hosting plan. According to your response, in the 2 cases you explained, does that mean I will have 2 different certificates? What does autossl do and can you please point me the steps for this so that I can set it up?
I am planning to use the below steps. Does this include autossl?
Those instructions don't include autossl, no. AutoSSL is a function built into cpanel - cPanel's Official Let's Encrypt™ Plugin | cPanel Blog but I have no idea if that is enabled on your account or not. I suspect with a google shared hosting plan it isn't. If it was, then you have to tick one box just once, and then everything is automatically done for you, forever.
SSH is a secure method of accessing your server (text based command line)
root is related to permissions. as a root user you have permission to do everything, as in individual user you have limited access. You would only get root access if it's your server (i.e. a dedicated or VPS, not a 'shared' server )
We could also say that, if you have root access, you almost certainly have ssh access (because ssh is likely how you would log in to administer the server). But if you have ssh access, you don’t necessarily have root access (because your access could be as a non-administrative user).