I logged into the section to manage the certificate but it only confirms that my certificate has expired. They told me that I have to go to the company that issued the certificate. The email alert that I signed up for, works for GoDaddy-issued certificates. So I didn’t get an alert.
I actually had to initiate the original request to GoDaddy. It seems they are holding on to the renewal instructions for dear life.
Well the current cert is useless.
Can you delete it and start over?
It’s worse than useless because it is actually interfering with my readership/clientele. Those visitors may not come back to my site because of the message.
What I found out:
Sometime during the last 3 months, they’ve (GoDaddy) stopped honouring the Certificate Requests and are now sending people to Certbot for that part of the process.
That’s why when you do a search for Let’s Encrypt documentation it brings you to that section – but it doesn’t explain why you’re there.
Now I have to read all the Certbot information to figure out what to do and how to do it.
If they said you should use
certbot, then I can help you with that.
certbot already installed?
Can you login with SSH?
This is what they actually said in a generic message in “Help”. And this is based on a NEW certificate not a renewal. But I guess I need to do a new one.
“Generate your certificate signing request (CSR). Let’s Encrypt recommends generating your certificate through Certbot but this is not supported on GoDaddy’s cPanel Linux hosting . Instead, you will need to use a third party client to generate your Let’s Encrypt certificate. GoDaddy and Let’s Encrypt do not control or review these third party clients and cannot guarantee their safety or reliability. You can find a list of available options under the Browser section.”
For long term ease-of-use, you may want to change that plan (to one that includes it) or change hosting providers.
Are you able to install
certbot on that system?
Otherwise, it will be a very manual process every <90 days…
I wouldn’t mind the manual use if the instructions were clear.
For the system, I chose Apache and Other UNIX.
Not sure if that’s right.
If so, please show:
How did you install the cert last time?
I’m not sure you will be able to install cerbot onto that system - it may be “shared” hosting.
If NOT, I’m putting together a (makeshift) step-by-step for you to get a signed cert ASAP.
- access to OPENSSL
- ability to copy file private key and public cert into the system (probably in cPanel)
[in a secure location - execute the following]
Step#1: openssl req -out rsa.public.csr -new -sha256 -newkey rsa:2048 -nodes -keyout rsa.private.key.pem Or Step#1 split into two separate steps (optional): Step#1A: openssl genrsa -out rsa.private.key.pem 2048 Step#1B: openssl req -new -sha256 -key private.key.pem -out rsa.public.csr Step#2: Send CSR to cert signing authority. [you can use a site like freessl.org - ensure you click "I have a CSR" (page 2)] The "verify type" can be either DNS or FILE (do you recall which you did last time?) [If you have questions or doubts just ask]
Step#3: Recieve a signed public certificate. Step#4: Load public cert and private key into cPanel.
SSH into the server
SSH into the server running your HTTP website as a user with sudo privileges.
–Is SSH some kind of FTP? I have direct access to the server.
Yes, it is shared hosting.
SSH is NOT FTP.
SSH is Secure SHell
Programs like PuTTY or Terminal or WinTerm or SSH
In Ubuntu Linux:
apt install ssh Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: ssh 0 upgraded, 1 newly installed, 0 to remove and 14 not upgraded. Need to get 5,204 B of archives. After this operation, 106 kB of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 ssh all 1:7.6p1-4ubuntu0.3 [5,204 B] Fetched 5,204 B in 0s (11.3 kB/s) Selecting previously unselected package ssh. (Reading database ... 104752 files and directories currently installed.) Preparing to unpack .../ssh_1%3a7.6p1-4ubuntu0.3_all.deb ... Unpacking ssh (1:7.6p1-4ubuntu0.3) ... Setting up ssh (1:7.6p1-4ubuntu0.3) ...
What O/S are you using? [Windows, Mac, Linux]
Certbot gave me a list of instructions for auto renewal. But I chose Other Linux , not Ubuntu Linux from the list.
Here is the link: https://certbot.eff.org/lets-encrypt/pip-apache.html
And where are you going to put any files?
I’m missing a step…
Those instructions are to be executed on the server.
Do you have access to execute anything on the server?
The system responds to SSH, so there is hope for that path:
ssh www.coremagazines.com The authenticity of host 'www.coremagazines.com (184.108.40.206)' can't be established. RSA key fingerprint is SHA256:x7B+tYlgu9iFK/1L72M7wgJqAbNv5HADK0KbCdPWFeU. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'www.coremagazines.com,220.127.116.11' (RSA) to the list of known hosts. email@example.com's password:
It refers to a Command Line.
I have an idea but I don’t want to screw up my site.
I think I will pay for the SSL certificate, although it feels like extortion, because my site is literally being held hostage. I have time left on my account and the other options are not practical or reasonable right now.
Thank you so much for helping me with this. I really appreciate it, rg305.
Have a great evening.
Although… indirectly - I do think so too.
Almost every transaction I’ve had with GoDaddy has always left a bad taste in my mouth.
[case in point - they TOOK $69.99 to help be obtain a domain yesterday - and all they did was take my money - but let’s not get sidetracked]
You can better use that money to upgrade your hosting plan.
Or simply put your site behind a free CloudFlare account.
The users would see HTTPS and your backend could be HTTP or HTTPS.
Your domain name and your hosting are both with them. Did you get a 2 for 1 deal?
I would have to look into CloudFlare first.
My site is already set up on https. They just probably will have to change the date on the certificate’s expiration and that’s it - $64 – there’s a sale on right now.
I’ve already done the forwarding and other changes I’m going to have to do all the other stuff or pay for a plugin on top of that.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.