Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Which SSL provider?

Discussion in 'Security' started by MShiraz Baig, Aug 20, 2017.

Tags:
  1. MShiraz Baig

    MShiraz Baig Member

    Joined:
    Aug 20, 2017
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    I have two providers available to me for autossl, these are
    a. cPanel (powered by Comodo)
    b. Lets encrypt

    Question1: Which one to choose and why?
    Question2: If I choose Lets encrypt, do I have to send a CSR request. If not, what compnay name and admin email is used in the certificate issued.
     
  2. Eminds

    Eminds Well-Known Member

    Joined:
    Nov 10, 2016
    Messages:
    208
    Likes Received:
    12
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    You can choose any of the provider as both provides Free SSL

    If you choose lets encrypt , you do not need to send a csr request in Auto SSL
     
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,447
    Likes Received:
    56
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I will suggest you go for Comodo compared to Lets encrypt, though lets encrypt has been used a lot lately. Comodo has been around in this for long time..

    If you choose anyone from the AutoSSL, you do not have to do anything. AutoSSL does everything for your. You just have to enable it from the AutoSSL and issue it..
     
  4. MShiraz Baig

    MShiraz Baig Member

    Joined:
    Aug 20, 2017
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Firstly I had comodo. I activated autossl. Then created a domain. It showed a self signed certificate under "manage SSL hosts". But whenever I accessed the domain in the browser, it said, that no valid certificate and did not allow https. Then I changed the provider to lets encrypt (by running the script and ticking the radio button). After that I created a domain. It again shows same behavior, ie it says certificate not valid. However, now the owner is showed as lets encrypt.

    What am I doing wrong. From WHM, I choose "ssl/tls", then I choose "manage autossl". On the next window, I tick the radio button for provider (lets encrypt) and then I click "run autossl for all users".
    Am I missing something? why https not working on my domain?

    I may add to my above post, that I am managing a WHM and not cpanel. Is the autossl automatic for both whm/cpanel? Or we have to sign a CSR request for WHM management and its automatic for cpanel?
     
    #4 MShiraz Baig, Aug 20, 2017
    Last edited by a moderator: Aug 22, 2017
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,165
    Likes Received:
    1,372
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    It can take up to 48 hours for the AutoSSL feature to issue signed SSL certificates to a domain name. In the meantime, the domain name is assigned a self-signed certificate. You can review the "Logs" tab for the account in-question in "WHM >> Manage AutoSSL" to see if there were any issues with the AutoSSL certificate request.

    Thank you.
     
  6. MShiraz Baig

    MShiraz Baig Member

    Joined:
    Aug 20, 2017
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    This is my log and I do not know what is happening..... why so many errors and warnings...
    Code:
    3:37:09 AM WARN “mail.example.com” failed its authorization because of an error: No valid IP addresses found for mail.example.com (The server could not resolve a domain name (urn:acme:error:unknownHost))
    3:37:09 AM WARN “www.example.com” failed its authorization because of an error: No valid IP addresses found for www.example.com (The server could not resolve a domain name (urn:acme:error:unknownHost))
    3:37:10 AM WARN (XID 9avdy9) The ACME function “https://acme-v01.api.letsencrypt.org/acme/new-cert” indicated an error: “Error creating new cert :: too many certificates already issued for exact set of domains: cpanel.example.com,example.com,webdisk.example.com,webmail.example.com (The request exceeds a rate limit)” (429, “Too Many Requests”, urn:acme:error:rateLimited). at bin/autossl_check.pl line 658. 
    
     
    #6 MShiraz Baig, Aug 22, 2017
    Last edited by a moderator: Aug 22, 2017
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,165
    Likes Received:
    1,372
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You can read about the rate limits for Let's Encrypt at:

    Manage AutoSSL - Documentation - cPanel Documentation

    Feel free to open a support ticket using the link in my signature if you'd like us to take a closer look if you are unsure of how the rate limit has been met.

    Thank you.
     
Loading...

Share This Page