Transfering a domain & certificate

My domain is: hydrogeologist.net
My hosting provider, if applicable, is: bluehost.com

A couple of weeks ago I obtained a Let’ Encrypt certificate via the WordPress plugin called SSL ZEN: all went well installing this on the Bluehost provider. I now want to move my website to another service provider (TsoHost). I had assumed this was just a case of: 1. Pointing my DNS to the new server; 2. Waiting until this had propagated; and 3, Pasting in the Private Key (KEY), Certificate (CRT), and Certificate Authority Bundle (CABUNDLE ), already provided by SSL Zen, into the new Server’s cPanel.

However, the new service provider (TsoHost) says no. Instead, they want to issue a new Let’ Encrypt Certificate. I think their advice is incorrect. Please can you confirm the correct way to do this? Thank you.

1 Like

As long as it is done securely, that should not be a problem (under normal circumstances).
[LE allows for up to 5 certificates to be issued within one week for the exact same set of names]

2 Likes

There's not really anything wrong with just getting a new certificate if you're not using HTTP Public Key Pinning (you probably don't). Let's Encrypt certificates are free of charge and if you stay away from the rate limits, just one prematurely "renewed" certificate doesn't really matter.

2 Likes

Hi @JMA

if the hoster has an integrated solution, you should use that. Then it's an automated solution, so you don't have to do that manual.

And the integrated solution may block (sample!) the http validation you need to validate your domain.

So use that solution.

2 Likes

Checking your domain there are cPanel - certificates - https://check-your-website.server-daten.de/?q=hydrogeologist.net#ct-logs

And you use the latest:

CN=hydrogeologist.net
	07.12.2019
	06.03.2020
expires in 76 days	autodiscover.hydrogeologist.net, cpanel.hydrogeologist.net, 
hydrogeologist-net.aqua3000.com, hydrogeologist.net, mail.hydrogeologist.net, 
webdisk.hydrogeologist.net, webmail.hydrogeologist.net, 
www.hydrogeologist-net.aqua3000.com, www.hydrogeologist.net - 9 entries

So there is no need to use SSL ZEN. That wouldn't work with that integrated cPanel-Solution.

1 Like

Thank everyone for your suggestions. However, my whole experience trying to move to TsoHost has been a disaster.
As detailed by Juergen Auer I have another domain called aqua3000.com, which is really just a parked domain: it just redirects traffic to hydrogeologist.net. As suggested, I requested TsoHost to issue me with a Lets Encrypt Certificate for hydrogeologist.net. Instead, by mistake, it seems they issued me with one for aqua3000.com. i.e… on a browser the locked SSL symbol for hydrogeologist.net showed a certificate for aqua3000.net.
To cut a long story short I then gave up on TsoHost and reverted back to Bluehost - to my original SSL certificate. Now the awful when type hydrogeologist.net into a browser (via a Swiss VPN), and click on the browser SSL symbol say “account suspended due to suspicious activity”. I contacted Bluehost who said it was not from their end.
Presumably Lets Encrypt did not like all these many SSL changes and has designated my SSL as suspicious? What to do?

Checking your domain in my browser: All is ok. There is no problem visible, a new Letsencrypt certificate.

May be a problem with your cache or with the VPN. Use online tools to check your domain.

That's not a Letsencrypt thing. Only thing you have to check: Don't create too much certificates -->> rate limit. The hoster isn't relevant.

1 Like

Thank you checking this out for me. If it’s not a Lets Encrypt or a Bluehost issue, then I am not sure how this problem arose. It only occurred the day after moving my site back to Bluehost and is only visible when I use a VPN. I have never previously seen a “suspicious activity” message associated with my site (in the browser the message was a php type file-link associated with my domain), which is now perhaps cached by other servers to be propagated elsewhere.

It’s all beyond my limited comprehension of websites, WordPress and SSL. Previously, when my site was simply created just using html, http links and CSS there were no issues for 30-years. Perhaps a lesson: “if it works don’t fix it”. Anyway many thanks again for your time. I wish you a pleasant Xmas and Happy New Year.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.