{"id":297,"date":"2017-05-12T06:19:01","date_gmt":"2017-05-12T05:19:01","guid":{"rendered":"http:\/\/chewett.co.uk\/blog\/?p=297"},"modified":"2019-01-20T23:41:47","modified_gmt":"2019-01-20T23:41:47","slug":"lets-encrypt-auto-ssl-web-host-manager-cpanel-server","status":"publish","type":"post","link":"https:\/\/chewett.co.uk\/blog\/297\/lets-encrypt-auto-ssl-web-host-manager-cpanel-server\/","title":{"rendered":"Let’s Encrypt Auto SSL on Web Host Manager CPanel Server"},"content":{"rendered":"

This blog post describes how to set up free SSL certificates on a Web Host Manager CPanel server. This requires root access to the server, if you don’t have access to this then you must ask your service provider to install it for you.<\/p>\n

What is Let’s Encrypt?<\/h2>\n

Let’s Encrypt is in their own words “free, automated, and open Certificate Authority” providing free SSL certificates to anyone who wants to use their services. The only requirement to obtain a certificate from them is to prove you own the domain. This service is backed by some of the big web companies including Google and Facebook so has a large technical group behind it.<\/p>\n

Many SSL certificate providers do this through a convoluted process of manually adding DNS records or replying to emails found via DNS. Instead of having to do this you confirm your ownership by the newly developed ACME protocol<\/a>.<\/p>\n

One of the ways you can verify your domain is using an ACME client such as certbot<\/a>. I wont be using that today as I wanted an automatic solution that worked with the CPanel servers I manage.<\/p>\n

Let’s Encrypt with CPanel<\/h2>\n

To automatically install SSL certificates  CPanel provide an AutoSSL facility. By default doesn’t provide Lets Encrypt SSL Certificates but they can be enabled easily enough.<\/p>\n

If you log into your server as root you can install the Let’s Encrypt Auto SSL module by running the following command:<\/p>\n

    \n
  1. \n
    \/scripts\/install_lets_encrypt_autossl_provider<\/pre>\n<\/li>\n<\/ol>\n
    Once you have run this CPanel should now let you select Let’s Encrypt as your Auto SSL provider!<\/p>\n
    The developers of CPanel are testing this and is likely to be rolled out in the future. However at the moment you need to install it manually. More information can be found in their blog post<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"
    This blog post describes how to set up free SSL certificates on a Web Host Manager CPanel server. This requires root access to the server, if you don’t have access to this then you must ask your service provider to install it for you. What is Let’s Encrypt? Let’s Encrypt is in their own words […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[5],"tags":[107,108,113,110,111,112,109,69],"class_list":["post-297","post","type-post","status-publish","format-standard","hentry","category-informational","tag-autossl","tag-cpanel","tag-free-ssl-certificate","tag-lets-encrypt","tag-ssl","tag-ssl-certificate","tag-web-host-management","tag-whm"],"wppr_data":{"cwp_meta_box_check":"No"},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p2toWX-4N","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":490,"url":"https:\/\/chewett.co.uk\/blog\/490\/setting-ssl-certbot-apache-fedora\/","url_meta":{"origin":297,"position":0},"title":"Setting up SSL with certbot with Apache and Fedora","author":"Chewett","date":"August 16, 2017","format":false,"excerpt":"This post describes how to set \u00a0up a SSL certificate with Certbot on Apache and Fedora. The guide primarily follows the guide on the certbot website however adds some additional information for if auto configuration fails. Running Certbot on Fedora On Fedora running certbot is relatively easy as it is\u2026","rel":"","context":"In "Informational"","block_context":{"text":"Informational","link":"https:\/\/chewett.co.uk\/blog\/category\/informational\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/08\/ssl_with_apache_fedora_and_certbot.jpg?fit=800%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/08\/ssl_with_apache_fedora_and_certbot.jpg?fit=800%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/08\/ssl_with_apache_fedora_and_certbot.jpg?fit=800%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/08\/ssl_with_apache_fedora_and_certbot.jpg?fit=800%2C800&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":982,"url":"https:\/\/chewett.co.uk\/blog\/982\/fixing-letsencrypt-validation-failed-selected-authenticator-not-support-combination-challenges\/","url_meta":{"origin":297,"position":1},"title":"Fixing Letsencrypt validation failed with selected authenticator does not support any combination of challenges","author":"Chewett","date":"January 31, 2018","format":false,"excerpt":"This post goes through the steps of fixing Letsencrypt with the issue \"Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.\". Why Letsencrypt fails to validate domains When trying to set up a new https website with Letsencrypt you may get\u2026","rel":"","context":"In "Fixes"","block_context":{"text":"Fixes","link":"https:\/\/chewett.co.uk\/blog\/category\/fixes\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/01\/fixing_letsencrypt_fedora.jpg?fit=800%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/01\/fixing_letsencrypt_fedora.jpg?fit=800%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/01\/fixing_letsencrypt_fedora.jpg?fit=800%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/01\/fixing_letsencrypt_fedora.jpg?fit=800%2C800&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":854,"url":"https:\/\/chewett.co.uk\/blog\/854\/installing-root-certificate-authority-firefox\/","url_meta":{"origin":297,"position":2},"title":"Installing a Root Certificate Authority in Firefox","author":"Chewett","date":"November 18, 2017","format":false,"excerpt":"Firefox, unlike many other applications, keeps a store of its own trusted root certificate authorities. This means that adding a new root certificate to the operating system will not work. This post runs through how to add a new root certificate to Firefox. Why we need to add a Root\u2026","rel":"","context":"In "Informational"","block_context":{"text":"Informational","link":"https:\/\/chewett.co.uk\/blog\/category\/informational\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/11\/installing_root_ca_firefox.jpg?fit=800%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/11\/installing_root_ca_firefox.jpg?fit=800%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/11\/installing_root_ca_firefox.jpg?fit=800%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/11\/installing_root_ca_firefox.jpg?fit=800%2C800&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":1449,"url":"https:\/\/chewett.co.uk\/blog\/1449\/installing-a-root-certificate-authority-on-fedora-28\/","url_meta":{"origin":297,"position":3},"title":"Installing a Root Certificate Authority on Fedora 28","author":"Chewett","date":"August 15, 2018","format":false,"excerpt":"This post documents the process of installing a Root Certification Authority on Fedora 28. Adding a Root Certificate Authority to Fedora 28 First you must obtain the PEM file for your root certificate. This will either need to be created by you or will be given to you by your\u2026","rel":"","context":"In "Informational"","block_context":{"text":"Informational","link":"https:\/\/chewett.co.uk\/blog\/category\/informational\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/08\/installing_root_ca_fedora28.jpg?fit=800%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/08\/installing_root_ca_fedora28.jpg?fit=800%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/08\/installing_root_ca_fedora28.jpg?fit=800%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/08\/installing_root_ca_fedora28.jpg?fit=800%2C800&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":921,"url":"https:\/\/chewett.co.uk\/blog\/921\/error-accessing-hp-ilo3-error-err_ssl_bad_record_mac_alert-problem-fixed\/","url_meta":{"origin":297,"position":4},"title":"Error accessing HP iLO3 with error ERR_SSL_BAD_RECORD_MAC_ALERT Problem Fixed","author":"Chewett","date":"December 27, 2017","format":false,"excerpt":"This post describes how to access a HP iLO3 webpage when all your webrowsers give the ERR_SSL_BAD_RECORD_MAC_ALERT error. Why this problem occurs Web browsers will give the ERR_SSL_BAD_RECORD_MAC_ALERT warning when visiting websites that use an older version of OpenSSL to provide the SSL connection. This will typically stop your computer\u2026","rel":"","context":"In "Fixes"","block_context":{"text":"Fixes","link":"https:\/\/chewett.co.uk\/blog\/category\/fixes\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/01\/fixing_hp_ilo3_ssl.jpg?fit=800%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/01\/fixing_hp_ilo3_ssl.jpg?fit=800%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/01\/fixing_hp_ilo3_ssl.jpg?fit=800%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2018\/01\/fixing_hp_ilo3_ssl.jpg?fit=800%2C800&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":841,"url":"https:\/\/chewett.co.uk\/blog\/841\/installing-root-certificate-authority-fedora-26\/","url_meta":{"origin":297,"position":5},"title":"Installing a Root Certificate Authority on Fedora 26","author":"Chewett","date":"November 11, 2017","format":false,"excerpt":"This post documents the process of installing a Root Certification Authority on Fedora 26. Adding a Root Certification Authority to Fedora 26 First you must obtain the PEM file for your root certificate. This will either need to be created by you or will be given to you by your\u2026","rel":"","context":"In "Informational"","block_context":{"text":"Informational","link":"https:\/\/chewett.co.uk\/blog\/category\/informational\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/11\/installing_root_ca_fedora.jpg?fit=800%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/11\/installing_root_ca_fedora.jpg?fit=800%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/11\/installing_root_ca_fedora.jpg?fit=800%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/chewett.co.uk\/blog\/wp-content\/uploads\/2017\/11\/installing_root_ca_fedora.jpg?fit=800%2C800&ssl=1&resize=700%2C400 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/posts\/297","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=297"}],"version-history":[{"count":2,"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/posts\/297\/revisions"}],"predecessor-version":[{"id":1960,"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/posts\/297\/revisions\/1960"}],"wp:attachment":[{"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=297"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=297"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/chewett.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=297"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}