The cPanel for the website I'm working on has a SSL/TLS feature in the security section


#1

The cPanel for the website I’m working on has a SSL/TLS feature in the security section so it looks like I can use an SSL certificate with that. It does not have the Let’s Encrypt feature though. I will paste in the features when I go to it:

Private Keys (KEY)

Generate, view, upload, or delete your private keys.

Certificate Signing Requests (CSR)

Generate, view, or delete SSL certificate signing requests.

Certificates (CRT)

Generate, view, upload, or delete SSL certificates.

Install and Manage SSL for your site (HTTPS)

Manage SSL sites.

My domain is: http://nextlevelcbd.net/

I ran this command: NA

It produced this output: NA

My web server is (include version): Unknown

The operating system my web server runs on is (include version): Unknown. It has the cPanel and I am using a Wordpress site there.

My hosting provider, if applicable, is: Unknown, but I’m pretty sure it goes through GoDaddy. According to my client, he move from GoDaddy to someone offering free hosting. If you use the Whois Lookup, his domain appears to be at GoDaddy.

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, cPanel, Home Directory: /home/nextlevelcbd, Shared IP Address: 132.148.155.20


#2

I have never done this before, but it looks like I can easily install an SSL certificate if I get one… using the existing feature in the security section of the cPanel.


#3

Hi @robmonster

what’s are the options there:

There should be somewhere a simple option “Create a new Letsencrypt certificate”.

All the other things (generating private keys, own CSR etc.) are not required.

Only Certificates and the Management part.


#4

If I click on this one:

Certificates (CRT)

Generate, view, upload, or delete SSL certificates.

I get a page that says:

SSL Certificates

You can use a self-signed certificate or a trusted certificate from an SSL Certificate Authority. If you plan to use a self-signed certificate for one of your sites, you can generate it below. To use a trusted certificate, upload or provide the certificate below, after you have received the SSL certificate from your trusted provider.

Upload a New Certificate

Use this form to upload a certificate provided by a third-party Certificate Authority. You may either paste the body of the certificate or upload it from a “.crt” file.

I can also:

Generate a New Certificate

Use this form to generate a new, self-signed certificate for your domain. Typically, self-signed certificates are temporarily used until you receive a trusted SSL certificate from your SSL certificate authority.


#5

PS: But you have already a valide certificate:

Domainname Http-Status redirect Sec.
http://www.nextlevelcbd.net/
132.148.155.20 301 http://nextlevelcbd.net/ 1.540
http://nextlevelcbd.net/
132.148.155.20 200 3.100
https://www.nextlevelcbd.net/
132.148.155.20 301 https://nextlevelcbd.net/ 3.704
https://nextlevelcbd.net/
132.148.155.20 200 5.310

Your certificate is valide 08.11.2018 - 07.02.2019


#6

If you go to my website, you will see that it is not secure. There is no HTTPS.


#7

I have this issue with WooCommerce: " Stripe is enabled, but a SSL certificate is not detected. Your checkout may not be secure! Please ensure your server has a valid SSL certificate"


#8

Perhaps it has something to do with my client (the owner of the domain) having moved the domain from GoDaddy to this other guy that hosting on the GoDaddy server??


#9

You don’t have a redirect. But this is another problem.

Your https

works. Has some mixed content warnings you should fix. FireFox or Chrome, Ctrl + Shift + I, then you see the console. There are some http links, you should change to https.

PS: If your cPanel doesn’t support Letsencrypt (missing option under Certificates), it’s painful.

But there is a cPanel-certificate with 6 names:

nextlevelcbd.net, 
cpanel.nextlevelcbd.net, 
mail.nextlevelcbd.net, 
webdisk.nextlevelcbd.net, 
webmail.nextlevelcbd.net, 
www.nextlevelcbd.net

#10

Certificates on Server

Domains Issuer Expiration (UTC) Key Size Description Actions
nextlevelcbd.net


www.nextlevelcbd.net|- Self Signed -|11/8/19|2048|Cert for “nextlevelcbd.net”| Edit Delete Install|
|nextlevelcbd.net
cpanel.nextlevelcbd.net
mail.nextlevelcbd.net
webdisk.nextlevelcbd.net
webmail.nextlevelcbd.net
www.nextlevelcbd.net|cPanel, Inc.|2/7/19|2048|Cert for “nextlevelcbd.net” 1541696226.0| Edit Delete Install|


#11

How did you get that??


#12

I use my own online tool:

There are a lot of problems in this forum. So it’s easy to check a lot of things in one step.


#13

I noticed some issues when I used the Facebook debugger. What you said sounds like the same sort of thing. I added some metadata tags to the header.php file for the theme it uses. Some of it is out of order, perhaps.

I had to add this to the functions.php file:
add_filter( ‘jetpack_enable_opengraph’, ‘__return_false’, 99 );


#14

Could that be what is preventing the SSL certificate from working? It did not have HTTPS before I added the tags.


#15

That’s great… I am no coder or “guru” and am just trying to learn how to get an SSL certificate for this website that works with the eCommerce features.


#16

Is there something that will fix those issues automatically? I have no idea of how to do it.


#17

Sorry about all these questions. It looks like this indicates the problems but I need to learn how to fix it. Is there a place where it will tell me how??

Comments

A name “nextlevelcbd.net” is domain, public suffix is “net”
A good: one preferred version: non-www is preferred
B https://nextlevelcbd.net/ 132.148.155.20 200 Missing HSTS-Header
B https://www.nextlevelcbd.net/ 132.148.155.20 301 Missing HSTS-Header
C Error - more then one version with Http-Status 200
D http://www.nextlevelcbd.net/ 132.148.155.20 301 http://nextlevelcbd.net/ wrong redirect one version http to other version http - first redirect to https without new dns query
D http://www.nextlevelcbd.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 132.148.155.20 301 http://nextlevelcbd.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de wrong redirect one version http to other version http - first redirect to https without new dns query
H fatal error: http result with http-status 200, no encryption
O Old connection: SHA1 as Hash Algorithm is deprecated. Switch to SHA256 or SHA384
http://nextlevelcbd.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 132.148.155.20 404 1.740 seconds Warning: 404 needs more then one second
A Duration: 16837 milliseconds, 16.837 seconds


#18

My other question is… If I find out how to add the metadata tag in the correct order, will it fix the problem? Are tags in the header like this the cause of the SSL issue??:

<title>Next Level CBD Cream</title>

<!-- Schema.org markup for Google+ -->
<meta itemprop="name" content="Next Level CBD, LLC">
<meta itemprop="description" content="Next Level CBD, LLC distributes a special pain relief cream made with CBD oil. We will seek, train and assist 1000 individual distributors to sell 25 thousand units of product monthly.">
<meta itemprop="image" content="https://www.nextlevelcbd.net/nextlevelcbd-logo-facebook.png">

<!-- Twitter Card data -->
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@robertheston">
<meta name="twitter:title" content="Next Level CBD Cream">
<meta name="twitter:description" content="Next Level CBD, LLC distributes a special pain relief cream made with CBD oil.">
<meta name="twitter:creator" content="@robertheston">
<!-- Twitter summary card with large image must be at least 280x150px -->
<meta name="twitter:image:src" content="https://www.nextlevelcbd.net/nextlevelcbd-logo-facebook.png">
<!-- Open Graph data -->
<meta property="og:image" content="https://www.nextlevelcbd.net/nextlevelcbd-logo-facebook.png" />
<meta property="og:title" content="Next Level CBD Cream" />
<meta name="og:site_name" content="nextlevelcbd.net"/>
<meta property="og:image" content="https://www.nextlevelcbd.net/nextlevelcbd-logo-facebook.png" />
<meta property="og:description" content="Next Level CBD, LLC distributes a special pain relief cream made with CBD oil. We will seek, train and assist 1000 individual distributors to sell 25 thousand units of product monthly." />
<meta property="article:tag" content="cbd oil, topical pain relief, cbd cream, purchase, distributor opportunity, training, cbd for pain, cannabidiol, cannabis" />
<meta name="og:locality" content="Cary"/>
<meta name="og:region" content="NC"/>
<meta name="og:country-name" content="USA"/>
<meta name="og:email" content="greg@nextlevelcbd.net"/>
<meta name="og:latitude" content="35.767290"/>
<meta name="og:longitude" content="-78.834100"/>

#19

Meta tags in your website are not relevant to your ssl-questions.

First a browser starts a SSL-connection, then it’s something like “http over SSL”.


#20

That’s a question of your system configuration. There are millions of different systems and config options.