Trying To Get My Hosting Provider To Install They Issued A CSR But Not Sure What To Do Next

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: symbells.com

I ran this command: I didn’t

It produced this output: Nothing

My web server is (include version):Windows IIS 7.0

The operating system my web server runs on is (include version): Not sure

My hosting provider, if applicable, is: 3d cart

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Hi,

When you have a csr, you can go ahead and purchase / request to certificates.

In your case, (since it’s third party hosting and e-commerce) its better to use a paid certificate (since it has a long duration of 1yr+ than 3 months) to avoid renew issues.

However, you are welcome to use Let’s Encrypt tls certificate. You can go to sslforfree.com or zerossl.com and use web-based interface to request.

Thank you

P.S. for paid certificates, I personally suggest ssls.com or Namecheap.com (same company behind the scene)

Hi @stevenzhu,

I don’t see anything inappropriate about using Let’s Encrypt certificates for e-commerce. Lots of e-commerce sites already do use them. While using a paid certificate may help show that one has money to spend on infrastructure (which might be a useful signal to some customers), and using an EV certificate could help motivated customers confirm the seller’s legal identity (which a few customers might appreciate), the quality of the encryption and authentication will be the same, and Let’s Encrypt certificates can be used in PCI-compliant applications, for instance.

I agree that if your hosting provider doesn’t directly support Let’s Encrypt in an automated way, it might be more convenient to obtain a longer-lasting certificate than Let’s Encrypt offers, in order to avoid the inconvenience of forgetting to renew.

True…

Apologize for the mistake.

Also, that hosting provider seems to charge for installation. It would be worthwhile to find out if that charge is once-off or per-renewal; in the latter case it’s very likely that a cheap but long-lived commercial cert would work out to be better value (since Let’s Encrypt certs need to be renewed at least every 90 days).

Thank you everyone for the replies and the suggestions!!! you are absolutely correct I had to pay my hosting provider for installation, not sure if it was a one time charge or ongoing, you gave me a great question to ask. @stevenzhu thanks for the links the paid ones you referred are way more affordable than the ones my hosting provider was referring me to. @schoen you also brought up some valid points that I will take into consideration as I explore all my options!

We also have a forum thread about hosting providers who already support Let's Encrypt

—usually at no additional charge. However, I realize that isn't the only factor in people's decision about which web host to use!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.