Generate and install free SSL on a Centos VPS

psytanium

Well-Known Member
Jun 6, 2014
244
11
68
Lebanon
cPanel Access Level
Root Administrator
Hi,

I have a Godaddy SSL certificate installed for 4 years now, but about to expire soon and I have to renew it, but looking for a way to save the SSL cert price and install a free certificate on my Centos VPS server.

What do you recommend ? Where to start ? Let's Encrypt or the default CPanel (powered by Sectigo) ?

Note: I'm not talking about the cPanel users SSL, but the server, so when I login to WHM or cPanels, or webmails, etc..

Thank you for any direction.
 

ffeingol

Well-Known Member
PartnerNOC
Nov 9, 2001
532
160
343
cPanel Access Level
DataCenter Provider
For the server SSL it's going to be the cPanel/Sectigo one by default if you let it. There is not built in method to put a Let's Encrypt cert for the server, but some people have found a way to do it.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
2,977
376
213
cPanel Access Level
Root Administrator
Hey there! @ffeingol is correct that you can get a free SSL from Sectigo on the hostname. You can find more details about how to install this in our support article here:


Let us know if that doesn't work well for you!
 

psytanium

Well-Known Member
Jun 6, 2014
244
11
68
Lebanon
cPanel Access Level
Root Administrator
For the server SSL it's going to be the cPanel/Sectigo one by default if you let it. There is not built in method to put a Let's Encrypt cert for the server, but some people have found a way to do it.
You mean self signed certificate ? it will generate warnings. Is there a way to install free SSL but without generating warnings ?
 

psytanium

Well-Known Member
Jun 6, 2014
244
11
68
Lebanon
cPanel Access Level
Root Administrator
The link I provided explains how you can force the installation of a free certificate on the server's hostname. Is that not working well for you?
Hi, I did as the document explain, just running the command :

Code:
/usr/local/cpanel/bin/checkallsslcerts
I get the following output:

Code:
The system will check for the certificate for the “cpanel” service.
The system will attempt to verify that the certificate for the “cpanel” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “cpanel” service passed all checks.
The system will check for the certificate for the “dovecot” service.
The system will attempt to verify that the certificate for the “dovecot” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “dovecot” service passed all checks.
The system will check for the certificate for the “exim” service.
The system will attempt to verify that the certificate for the “exim” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “exim” service passed all checks.
The system will check for the certificate for the “ftp” service.
The system will attempt to verify that the certificate for the “ftp” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “ftp” service passed all checks.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
2,977
376
213
cPanel Access Level
Root Administrator
Thanks for the output. That looks normal for a certificate that is in good standing. If you want to replace it, it would be best to use the WHM >> Manage Service SSL Certificates are to reset each one to self-signed, and then run that command again to reinstall a valid one. There isn't a way to use that command to overwrite a valid certificate.
 
  • Like
Reactions: psytanium
Thread starter Similar threads Forum Replies Date
F Miscellaneous 5