Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: eticorp.us
I ran this command:
don’t know what commands to run
It produced this output:
so i got no output, of course
My web server is (include version):
The operating system my web server runs on is (include version):
Web hosting service
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): yes
'm using a control panel to manage my site (no, or provide the name and version of the control panel):
cPanel, but w/ LE connection disabled
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
not using certbot.
i have experience using cPanel to create private and public keys. i have been able to get keys via SSLForFree using a browser, FileZilla and or cPanel.
Is it possible to use LE this way? it sure would make life easy.
yes, the host provider deliberately disabled LE, as it’s an income stream to the tune of $75 / site / year, and i have 8 domains.
so, the key is to be able to install software at the host provider, not just text files? i’d need to run certbot from host provider? i cannot get my local machine between the host and LE to get this accomplished?
Is SSLForFree.com a safe, secure alternative to LE? I’ve been able to get certs from them with ease.
No, sslforfree.com is a web-based front-end to LE. It takes the place of client software you should be running on your server.
AFAIK, they're entirely safe (as is zerossl.com, another site that does the same basic thing). The problem is that they're really doing the opposite of what Let's Encrypt is designed to do, which is automated issuance and renewal.
Yes. Let's Encrypt will give you a free cert that's valid for 90 days. That means you must renew it (at least) every 90 days (but ~60 days is the more common recommendation). It is intended that this be done automatically, which means by software. If your host doesn't allow you to install client software in your system, and has deliberately locked out cPanel's ability to get you a cert, I'd think it's time to move to a less user-hostile hosting provider.
I answered some of the initial questions quickly, but not accurately, and have made a botch of it. My main site is eticorp.us, for which the host procured a free (to me) cert. So that 's where the Clouflare comes in. I now understand that I need to ask the question in a different way. Will repost with more accuracy. Thanks to you all. I’ll start this over.