Update CSR before expiration with bash script

I have several domains on my server that I service. I am currently using sslforfree.com to generate the certs. And the problem is every three months I have to renew a bunch of certs. I would like to learn how to do this autonomously.

My domain is:

My web server is (include version):
cpanel / WHM

The operating system my web server runs on is (include version):
Current / uptodate

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Hi @jtrimm007

cpanel has an integrated letsencrypt-client. So it's the best you don't use an own client.

Instead, use the cpanel-client.

However, he said he is using GoDaddy as hosting, and GoDaddy does not enable autossl since they are also a paid CA.

1 Like

If you can login to a root shell, you might choose any of the many available clients.

Let's Encrypt recommends certbot, the ACME client developed by the EFF.

1 Like

Oh, thanks. Good to know. And not good, that GoDaddy blocks this. No active support - ok. But if someone wants to use it with cpanel - not good.

1 Like

But he'll always need to manually update the certificate in cPanel. Since cPanel... Doesn't actively allow to use API to update an certificate.


I know that might not be an active option, but I personally suggest to use a cheap positive ssl certificate (from Comodo), which normally cost $3~$6 per year (and save you from renew hell since cPanel normally doesn't allow you to install certificate automatically unless autossl)

P.S. compare to GoDaddy certificate, which cost $60 or more....

P.S.2 buy the certificate from ssls.com (that's the cheapest options I could found....)

Thank you

Or, consider using a different hosting provider that better supports Let's Encrypt, including one that provides a similar software stack overall.

I don't know if a hosting provider could also disable this, but cPanel does have such an API:


It's natively supported by acme.sh and if I remember correctly @_az has also written some experimental Certbot support for it. So in some hosting environments without AutoSSL, it might still be possible to automate the certificate renewal using cPanel.

The fact the topicstarter uses cPanel, doesn't mean he can ONLY use cPanel? B/c he can login as root, he might choose to bypass cPanel altogether.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.