I logged into the section to manage the certificate but it only confirms that my certificate has expired. They told me that I have to go to the company that issued the certificate. The email alert that I signed up for, works for GoDaddy-issued certificates. So I didn’t get an alert.
1 Like
I actually had to initiate the original request to GoDaddy. It seems they are holding on to the renewal instructions for dear life.
2 Likes
Well the current cert is useless.
Can you delete it and start over?
1 Like
It’s worse than useless because it is actually interfering with my readership/clientele. Those visitors may not come back to my site because of the message.
What I found out:
Sometime during the last 3 months, they’ve (GoDaddy) stopped honouring the Certificate Requests and are now sending people to Certbot for that part of the process.
That’s why when you do a search for Let’s Encrypt documentation it brings you to that section – but it doesn’t explain why you’re there.
Now I have to read all the Certbot information to figure out what to do and how to do it.
1 Like
If they said you should use certbot, then I can help you with that.
Is certbot already installed?
Can you login with SSH?
1 Like
This is what they actually said in a generic message in “Help”. And this is based on a NEW certificate not a renewal. But I guess I need to do a new one.
“Generate your certificate signing request (CSR). Let’s Encrypt recommends generating your certificate through Certbot but this is not supported on GoDaddy’s cPanel Linux hosting . Instead, you will need to use a third party client to generate your Let’s Encrypt certificate. GoDaddy and Let’s Encrypt do not control or review these third party clients and cannot guarantee their safety or reliability. You can find a list of available options under the Browser section.”
1 Like
For long term ease-of-use, you may want to change that plan (to one that includes it) or change hosting providers.
For now…
Are you able to install certbot on that system?
Otherwise, it will be a very manual process every <90 days…
1 Like
I wouldn’t mind the manual use if the instructions were clear.
For the system, I chose Apache and Other UNIX.
Not sure if that’s right.
1 Like
If so, please show:
lsb_release -a
or
uname -a
1 Like
How did you install the cert last time?
I’m not sure you will be able to install cerbot onto that system - it may be “shared” hosting.
If NOT, I’m putting together a (makeshift) step-by-step for you to get a signed cert ASAP.
Must haves:
- access to OPENSSL
- ability to copy file private key and public cert into the system (probably in cPanel)
[in a secure location - execute the following]
Step#1: openssl req -out rsa.public.csr -new -sha256 -newkey rsa:2048 -nodes -keyout rsa.private.key.pem
Or Step#1 split into two separate steps (optional):
Step#1A: openssl genrsa -out rsa.private.key.pem 2048
Step#1B: openssl req -new -sha256 -key private.key.pem -out rsa.public.csr
Step#2: Send CSR to cert signing authority.
[you can use a site like freessl.org - ensure you click "I have a CSR" (page 2)]
The "verify type" can be either DNS or FILE (do you recall which you did last time?)
[If you have questions or doubts just ask]
Step#3: Recieve a signed public certificate.
Step#4: Load public cert and private key into cPanel.
1 Like
-
SSH into the server
SSH into the server running your HTTP website as a user with sudo privileges.
–Is SSH some kind of FTP? I have direct access to the server. -
Install Certbot
1 Like
Yes, it is shared hosting.
1 Like
SSH is NOT FTP.
SSH is Secure SHell
Programs like PuTTY or Terminal or WinTerm or SSH
1 Like
In Ubuntu Linux:
apt install ssh
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
ssh
0 upgraded, 1 newly installed, 0 to remove and 14 not upgraded.
Need to get 5,204 B of archives.
After this operation, 106 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 ssh all 1:7.6p1-4ubuntu0.3 [5,204 B]
Fetched 5,204 B in 0s (11.3 kB/s)
Selecting previously unselected package ssh.
(Reading database ... 104752 files and directories currently installed.)
Preparing to unpack .../ssh_1%3a7.6p1-4ubuntu0.3_all.deb ...
Unpacking ssh (1:7.6p1-4ubuntu0.3) ...
Setting up ssh (1:7.6p1-4ubuntu0.3) ...
What O/S are you using? [Windows, Mac, Linux]
1 Like
Certbot gave me a list of instructions for auto renewal. But I chose Other Linux , not Ubuntu Linux from the list.
Here is the link: https://certbot.eff.org/lets-encrypt/pip-apache.html
1 Like
And where are you going to put any files?
And how?
I’m missing a step…
Those instructions are to be executed on the server.
Do you have access to execute anything on the server?
The system responds to SSH, so there is hope for that path:
ssh www.coremagazines.com
The authenticity of host 'www.coremagazines.com (23.229.197.96)' can't be established.
RSA key fingerprint is SHA256:x7B+tYlgu9iFK/1L72M7wgJqAbNv5HADK0KbCdPWFeU.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'www.coremagazines.com,23.229.197.96' (RSA) to the list of known hosts.
root@www.coremagazines.com's password:
1 Like
It refers to a Command Line.
I have an idea but I don’t want to screw up my site.
I think I will pay for the SSL certificate, although it feels like extortion, because my site is literally being held hostage. I have time left on my account and the other options are not practical or reasonable right now.
Thank you so much for helping me with this. I really appreciate it, rg305.
Have a great evening.
2 Likes
Although… indirectly - I do think so too.
Almost every transaction I’ve had with GoDaddy has always left a bad taste in my mouth.
[case in point - they TOOK $69.99 to help be obtain a domain yesterday - and all they did was take my money - but let’s not get sidetracked]
You can better use that money to upgrade your hosting plan.
Or simply put your site behind a free CloudFlare account.
The users would see HTTPS and your backend could be HTTP or HTTPS.
1 Like
Your domain name and your hosting are both with them. Did you get a 2 for 1 deal?
I would have to look into CloudFlare first.
My site is already set up on https. They just probably will have to change the date on the certificate’s expiration and that’s it - $64 – there’s a sale on right now.
I’ve already done the forwarding and other changes I’m going to have to do all the other stuff or pay for a plugin on top of that.
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.