My client's domain name and email are hosted by iPower! He has been with them a long time and does not want to change. I used A records to point to his new website because I could not change the DNS. Is there a way to use A Records with Let's Encrypt that is free with the hosting package. If not are there suggestions on how I can get an SSL using A records only?
My web server is (include version):
Hostinger VPS with CloudPanel
The operating system my web server runs on is (include version):
Ubuntu 22.04
My hosting provider, if applicable, is:
Hostinger
I can login to a root shell on my machine (yes or no, or I don't know):
Maybe
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): CloudPanel
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Thank you, I did look at this. It seems that the free Let's Encrypt SSL is out of the question. Which is what I was hoping to find a way here. If not I will purchase and import as mentioned at the bottom of the page you recommended.
An A record that points to a web service (like Apache or nginx) can be used to get a Let's Encrypt cert. This is called the HTTP Challenge. Or, more advanced is a TLS-ALPN challenge using port 443 which also uses an A record. An AAAA record for IPv6 is also supported for either.
There is also an option to use a TXT record in the DNS for the DNS Challenge.
I believe the CloudPanel docs you were referred to use the HTTP Challenge.
Why do you think this won't work? Can you explain in more detail? Here is info about the challenge types
Correct. To use the HTTP Challenge the DNS must have an A (and/or AAAA) record that points to the web service.
These records would be needed by anyone on the public internet to find and connect to your domain. This is not unique to Let's Encrypt
Bruce's post showed that a DNS A record for atlantisarchitects.com already points to 93.188.167.247. I also see DNS A record for clp.io and www.clp.io. I don't know why CloudPanel can't see them.
Maybe you just need to instruct CloudPanel about that? I'm not sure I don't use CloudPanel and didn't read their docs. This might be a better question for their support forum
Can you please specify what the issue was and what fixed that issue for you? Then you can mark your post as the answer to the thread for future readers
The issue turned out to be that I misinterpreted the statement in the documents that said a DNS record pointing to this server is required to issue the Let's Encrypt Certificate. I assumed that meant the NS records that I could not change due to the email issue. So I did not test the install. After this conversation I tested the install, as mentioned the domain was pointed using A records. I am assuming the installation does the challenge types referenced above and the certificate installed without a hitch.
