Knowledgebase
Do you support Let's Encrypt SSL certificates?
Posted by Customer Service on 06 September 2017 10:57 PM

We support Let's Encrypt certificates and you are allowed to use them our servers.

In this article we will review all options for the installation and usage of Lets Encrypt certificates - automatic and manual.

We would like to draw your attention to need of validation procedure for domain ownership. This requires access to domain directories or access to its DNS zone. In case of AutoSSL use - the mandatory requirement is to have a domain name pointed to server where you will install certificate.

1. Automatic: getting and installing of LetsEncrypt certificates.

******* For WHM/cPanel *******
- all that you need to get and install certificates autimatically - contact support team and we will enable needed feature for your account. New certificate will be ordered and installed within 24 hours.


******* For Plesk panel 12.5 or newer *******
- login to your Plesk account on the server
- click on the needed domain on the 'Websites & Domains' tab
- in the hosting settings management page you will see 'Let's Encrypt' icon - click on it
- enter your Email address and click on 'Install' (there is the checkbox near "Include a "www" subdomain for the domain and each selected alias" and you can enable it if needed)
- certificate will be ordered and installed on selected domain automatically

2. Manual installation of LE certificates

Unfortunately, at the moment some of our servers do not support ordering and installing of LE certificates automatically or via panel tools.
This problem does not affect cPanel servers and exists only for Plesk versions older than 12.5.

In order to get and install LE certificate manually, a 3rd-party tool is needed for ordering - zerossl. Before starting, please make sure that you have access to domain's docroot directory.

- go to wizard page - https://zerossl.com/free-ssl/#crt
- specify your email and domain(s) for which you want to order certificate or use your CSR
- accept ToS and SA
- click 'Next' and follow to instructions for generating of Private Key and CSR
- ATTENTION! Please save private key - further installation is impossible without it
- confirm domain ownership. Using HTTP verification (by default) you should create the '/.well-known/acme-challenge/' directory with specified random file name using the Plesk file manager or FTP client and put a text there.
- in the same directory (/.well-known/acme-challenge/) please create the 'web.config' file with following content:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<staticContent>
<mimeMap fileExtension="." mimeType="text/plain" />
</staticContent>
</system.webServer>
</configuration>

- make sure that file is accessible via URL 'http://yourdomain/.well-known/acme-challenge/' and click Next
- if validation was successful you will see further instructions and certificates with private key that need to be copied and saved
- in the Plesk panel on the 'Websites & Domains' tab please open the 'SSL Certificates' menu
- then click on 'Add SSL Certificate'
- specify the certificate name and insert to corresponding fields private key, certificate and CA certificate (* note: CA certificate - bottom (shorter) part of main certificate) and click on the "upload certificate"
- the certificate has been uploaded. In order to enable it please go to 'Websites & Domains' > 'Hosting Settings' of this domain, then click on 'Security' and select needed certificate from the list, after this click on OK.

Now your domain is protected with certificate and accessible via HTTPS.

P.S. Manual installation of certificates is possible in cPanel as well, but it is not reasonable with automatic installation feature.

(0 vote(s))
Helpful
Not helpful

Comments (0)