SOLVED Reissuing Lets Encrypt Certificate

dermotd

Member
Nov 26, 2019
13
0
1
Dublin
cPanel Access Level
Root Administrator
Hi

Last week Lets Encrypt announced that, due to a bug in the certificate issuance process, they were revoking up to 3 million certificates (https://nakedsecurity.sophos.com/20...rypt-certificates-are-being-killed-off-today/). I checked the sites belonging to a client using the online tool Lets Encrypt had provided (https://checkhost.unboundtest.com/), and found a number of our sites on a few servers are affected. The recommended advice is to get your TLS cert reissued.

I have found surprisingly little information online on how to do this from WHM/cPanel. When I visit the sites today (10 March) they are working fine, but I want to follow the advice and ensure we dont have any unhappy customers!

From information from a variety of blogs, I gather that you delete the current certificate from the WHM > Manage SSL Hosts menu, and then go into WHM > Manage AutoSSL > Manage Users and click to check the affected domains again. Would this be right, or should I go into the individual cPanels?

I want to make sure that any other sites on the same server are unaffected.

Many thanks
 

dermotd

Member
Nov 26, 2019
13
0
1
Dublin
cPanel Access Level
Root Administrator
Hi

I found a similar thread on this forum dealing with the same problem (https://forums.cpanel.net/threads/l...-million-certificates-on-march-4-2020.668345/). The steps I had suggested above turned out to be correct, and after testing them I was able to rectify the situation on all of my clients sites. It takes a few minutes after you click 'Check Domain' in the Manage AutoSSL menu, where you are nervously refreshing the website in your browser, but then it does come back up and the certificate has a new date. Checking it in the Lets Encrypt online tool confirms the new cert is OK too.

You can mark this thread as Solved please.