Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
This is a part of my conversation with Site5. They are S and I am D
• S
In that case they can contact us proving the support code and we can install it for you.
You or third party cannot install the SSL certificate from your end, you will need to provide us the certificate bundle and we will install it for you.
• D
how do I give you the certificate bundle? is it just a number or is it something more?
• S
You can contact your SSL provider and ask them to provide the CA bundle, private key and certificate so that we can install it from our end for you.
To solution your problem:
Your hosting company want your entire cert (private and public parts) to enable TLS/SSL. (which sounds bad)
And you want to use Let’s Encrypt (which is good)
The choices are limited to obtaining the cert manually online (via resources like: https://sslforfree.com/)
But this is really not a good choice as it can’t be automated; This will require manual intervention (on your part and theirs) before the cert expires [every 90 days].
The short answer is no. I’m glad you want to add HTTPS to your site. Unfortunately, it sounds like your hosting provider is of the type that requires you to manually issue and upload your own certificate. That’s not the recommended way to do things these days. Instead, the easiest thing is for your hosting provider to request and install your certificate themselves. There’s a list of hosting providers that support Let’s Encrypt here: Web Hosting who support Let's Encrypt. Using one of them will make the process of configuring HTTPS much easier.
But the fact the hosting provider wants the cert and private key: well, it needs the private key. Without the private key, no SSL/TLS.
So stating that it’s bad if the hosting provider wants the private key doesn’t add up without the extra statements such as the possibly insecure transfer of the key.