Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED What is AutoSSL?

Discussion in 'Security' started by GoWilkes, Jan 9, 2017.

Tags:
  1. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    396
    Likes Received:
    5
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Is this set up to replace the need for private certificates from Verisign or Geotrust? Or is it just for services other than Apache?

    I'm getting bogged down with the new Google "feature" that's going to require all of my sites to run entirely through security certificates (thanks to a simple "log in here" feature that doesn't really need to be secure). For me, that means 75+ new certificates that need to be purchased and installed, so if this can take the place of that then... yay! LOL
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,745
    Likes Received:
    310
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    396
    Likes Received:
    5
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Helpful, and thanks! But still not crystal clear.

    So it provides a domain-validated certificate, which (if I understand correctly) will allow all of my sites to show that they are "secure" without going through a third-party (paid).

    But the definition of a domain-validated certificate is a little more vague:

    Domain-validated certificate - Wikipedia

    Specifically:

    In order to work around Google's new rule requiring all pages with login information to be secure, will the AutoSSL cert still give an error, or will it (by default) be "verified by a trusted third party"?

    If it does work the way I hope, does that mean that cPanel has essentially put Geotrust and Verisign out of the certificates business?
     
  4. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    168
    Likes Received:
    36
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I haven't tried Chrome, but Chromium works just fine on the login pages of my sites that are running cPanel AutoSSL certificates. I get the green padlock in the address bar and no errors or warnings.

    The only differences I've seen with the AutoSSL certificates is that the AutoSSL certificates automatically renew every 90 days (for free), whereas the paid certs usually last for multiples of one year. With a paid certificate, you sometimes get access to a site seal, and as far as I know those aren't available with cPanel's AutoSSL certs. The 90-day renewal with AutoSSL isn't an issue, since it happens automagically without any intervention on your part once AutoSSL is enabled for an account.

    I've had really good luck with AutoSSL so far, and I've been using it since last October. I'd say you should give it a try.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,419
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @GoWilkes,

    The previous post is accurate. The certificates issued with the AutoSSL feature (through Comodo or Let's Encrypt) are signed certificates and are trusted by Chrome/Chromium.

    Thank you.
     
Loading...

Share This Page