Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: eticorp.us
I ran this command:
don’t know what commands to run
It produced this output:
so i got no output, of course
My web server is (include version):
Apache
The operating system my web server runs on is (include version):
Web hosting service
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): yes
'm using a control panel to manage my site (no, or provide the name and version of the control panel):
cPanel, but w/ LE connection disabled
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
not using certbot.
i have experience using cPanel to create private and public keys. i have been able to get keys via SSLForFree using a browser, FileZilla and or cPanel.
Is it possible to use LE this way? it sure would make life easy.
If you can log into a root shell and you’re allowed to install software, you may be able to install a Let’s Encrypt client application.
Did your hosting provider install cPanel for you but deliberately disable the Let’s Encrypt feature? Is the hosting provider trying to sell you certificates via another route?
I would like to ping @_az because he’s an expert on cPanel Let’s Encrypt integration.
yes, the host provider deliberately disabled LE, as it’s an income stream to the tune of $75 / site / year, and i have 8 domains.
so, the key is to be able to install software at the host provider, not just text files? i’d need to run certbot from host provider? i cannot get my local machine between the host and LE to get this accomplished?
Is SSLForFree.com a safe, secure alternative to LE? I’ve been able to get certs from them with ease.
thanks for your response.
yes, i have a working cert from SSLForFree, expiring in a few days. i have been told that SSLForFree is not safe. they are easy and quick. are they safe?
i’m not sure about the loop. i think the webhost did that, perhaps as a transition from http to https, but i am not sure. will check that with the provider this morning.
i do not understand the reference to Cloudflare. i see them in the host’s interface, cPanel, etc. is that something easy i should take advantage of?
No, sslforfree.com is a web-based front-end to LE. It takes the place of client software you should be running on your server.
AFAIK, they're entirely safe (as is zerossl.com, another site that does the same basic thing). The problem is that they're really doing the opposite of what Let's Encrypt is designed to do, which is automated issuance and renewal.
Yes. Let's Encrypt will give you a free cert that's valid for 90 days. That means you must renew it (at least) every 90 days (but ~60 days is the more common recommendation). It is intended that this be done automatically, which means by software. If your host doesn't allow you to install client software in your system, and has deliberately locked out cPanel's ability to get you a cert, I'd think it's time to move to a less user-hostile hosting provider.
I answered some of the initial questions quickly, but not accurately, and have made a botch of it. My main site is eticorp.us, for which the host procured a free (to me) cert. So that 's where the Clouflare comes in. I now understand that I need to ask the question in a different way. Will repost with more accuracy. Thanks to you all. I’ll start this over.
I set up the whole question wrong to start with. eticorp.us is my main domain at Westhost.com, where the host set up a
certificate as part of the subscription fee.
I have half a dozen or so other domains where I need additional certs
which I procured thru SSLForFree, one being LicenseManager.us.
I’m not sure about the http > https loop business, but will contact
Westhost about that.
I have closed this topic and opened a new one with more accurate info (I
hope, eh?).