A couple of weeks ago I obtained a Let’ Encrypt certificate via the WordPress plugin called SSL ZEN: all went well installing this on the Bluehost provider. I now want to move my website to another service provider (TsoHost). I had assumed this was just a case of: 1. Pointing my DNS to the new server; 2. Waiting until this had propagated; and 3, Pasting in the Private Key (KEY), Certificate (CRT), and Certificate Authority Bundle (CABUNDLE ), already provided by SSL Zen, into the new Server’s cPanel.
However, the new service provider (TsoHost) says no. Instead, they want to issue a new Let’ Encrypt Certificate. I think their advice is incorrect. Please can you confirm the correct way to do this? Thank you.
As long as it is done securely, that should not be a problem (under normal circumstances).
[LE allows for up to 5 certificates to be issued within one week for the exact same set of names]
There's not really anything wrong with just getting a new certificate if you're not using HTTP Public Key Pinning (you probably don't). Let's Encrypt certificates are free of charge and if you stay away from the rate limits, just one prematurely "renewed" certificate doesn't really matter.
Thank everyone for your suggestions. However, my whole experience trying to move to TsoHost has been a disaster.
As detailed by Juergen Auer I have another domain called aqua3000.com, which is really just a parked domain: it just redirects traffic to hydrogeologist.net. As suggested, I requested TsoHost to issue me with a Lets Encrypt Certificate for hydrogeologist.net. Instead, by mistake, it seems they issued me with one for aqua3000.com. i.e… on a browser the locked SSL symbol for hydrogeologist.net showed a certificate for aqua3000.net.
To cut a long story short I then gave up on TsoHost and reverted back to Bluehost - to my original SSL certificate. Now the awful when type hydrogeologist.net into a browser (via a Swiss VPN), and click on the browser SSL symbol say “account suspended due to suspicious activity”. I contacted Bluehost who said it was not from their end.
Presumably Lets Encrypt did not like all these many SSL changes and has designated my SSL as suspicious? What to do?
Thank you checking this out for me. If it’s not a Lets Encrypt or a Bluehost issue, then I am not sure how this problem arose. It only occurred the day after moving my site back to Bluehost and is only visible when I use a VPN. I have never previously seen a “suspicious activity” message associated with my site (in the browser the message was a php type file-link associated with my domain), which is now perhaps cached by other servers to be propagated elsewhere.
It’s all beyond my limited comprehension of websites, WordPress and SSL. Previously, when my site was simply created just using html, http links and CSS there were no issues for 30-years. Perhaps a lesson: “if it works don’t fix it”. Anyway many thanks again for your time. I wish you a pleasant Xmas and Happy New Year.