Fred
Member
@SonicGT Here is the link to the cPanel documentation.
Can't go wrong https://documentation.cpanel.net/display/CKB/The+Let's+Encrypt+Plugin
Can't go wrong https://documentation.cpanel.net/display/CKB/The+Let's+Encrypt+Plugin
estelle
New Member
Getting Let's Encrypt up and running
SSH as root
$ ssh -p 2200 root@123.1.23.123
then run the command:
$ /scripts/install_lets_encrypt_autossl_provider
then log into your main control panel:
https://123.1.23.123:2086
under SSL/TLS you'll find "Manage AutoSSL"
Under "providers", you'll see "Let's Encrypt". That's a new option that was created by running the command as root.
Select "Let's Encrypt". Then agree to their terms of service and create a new registration with Let's Encrypt if necessary. Under the managed users tab you can enable / disable AutoSSL by account.
Now, under the control panel of each individual account, under SECURITY > SSL/TLS, find Install and Manage SSL for your site (HTTPS)" select "Manage SSL Sites".
If you end up with a self signed certificate (which you don't want) instead of a Let's Encrypt cert, delete the cert in the individual account. Click the "run AutoSSL for all users" button as root under "Manage Auto SSL". When you refresh the individual user, the correct cert should be there.
SSH as root
$ ssh -p 2200 root@123.1.23.123
then run the command:
$ /scripts/install_lets_encrypt_autossl_provider
then log into your main control panel:
https://123.1.23.123:2086
under SSL/TLS you'll find "Manage AutoSSL"
Under "providers", you'll see "Let's Encrypt". That's a new option that was created by running the command as root.
Select "Let's Encrypt". Then agree to their terms of service and create a new registration with Let's Encrypt if necessary. Under the managed users tab you can enable / disable AutoSSL by account.
Now, under the control panel of each individual account, under SECURITY > SSL/TLS, find Install and Manage SSL for your site (HTTPS)" select "Manage SSL Sites".
If you end up with a self signed certificate (which you don't want) instead of a Let's Encrypt cert, delete the cert in the individual account. Click the "run AutoSSL for all users" button as root under "Manage Auto SSL". When you refresh the individual user, the correct cert should be there.
estelle
New Member
Thanks. I didn't think that worked for accounts that already had a comodo cert. My main issue is where to go to redirect http to https. Right now I am going to each individual htaccess file. (blogged about it here: http://www.standardista.com/lets-encrypt-on-cpanel/). I was unable to do it via "redirects".
Just a quick note on that, the port is wrong for SSL. For WHM, that should be 2087 when connecting via httpS.
DarkSorrow
New Member
I don't use the LetsEncrypt. It has to many limitations. Plus the FREE cPanel SSL is auto setup and ready to go as soon as you add an account. just add https to the URL.
KH-RamonR
New Member
Too many limitations such as?
They recently announced they're doing wildcards. Once that's been released, there isn't really much stopping you from generating a single wildcard SSL cert. Unless you try to generate a SSL cert for subdomain2.subdomain1.example.com; in which case that'd fail and you'd need to create a new wildcard covering subdomain2.subdomain1.example.com.
Edit: Whoa, necropost! Sorry about that.