My client's domain name and email are hosted by iPower! He has been with them a long time and does not want to change. I used A records to point to his new website because I could not change the DNS. Is there a way to use A Records with Let's Encrypt that is free with the hosting package. If not are there suggestions on how I can get an SSL using A records only?
My web server is (include version):
Hostinger VPS with CloudPanel
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): CloudPanel
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Thank you, I did look at this. It seems that the free Let's Encrypt SSL is out of the question. Which is what I was hoping to find a way here. If not I will purchase and import as mentioned at the bottom of the page you recommended.
An A record that points to a web service (like Apache or nginx) can be used to get a Let's Encrypt cert. This is called the HTTP Challenge. Or, more advanced is a TLS-ALPN challenge using port 443 which also uses an A record. An AAAA record for IPv6 is also supported for either.
There is also an option to use a TXT record in the DNS for the DNS Challenge.
I believe the CloudPanel docs you were referred to use the HTTP Challenge.
Why do you think this won't work? Can you explain in more detail? Here is info about the challenge types
The issue turned out to be that I misinterpreted the statement in the documents that said a DNS record pointing to this server is required to issue the Let's Encrypt Certificate. I assumed that meant the NS records that I could not change due to the email issue. So I did not test the install. After this conversation I tested the install, as mentioned the domain was pointed using A records. I am assuming the installation does the challenge types referenced above and the certificate installed without a hitch.