This tutorial covers the following topics:
- How to see the Let's Encrypt certificated issued for your account?
- How to enforce the certificate on your site?
- How to issue and install a new Let's Encrypt certificate yourself
- How to renew a Let's Encrypt certificate?
- How to cancel a Let's Encrypt certificate?
- Prerequisites before installing a Let's Encrypt certificate
- Let's Encrypt limits
SiteGround has been supporting the global initiative to create free SSL certificates for everybody Let's Encrypt almost from its beginning. Now, we automatically issue and install a free certificate for the majority of the domains that are pointed to our shared servers and we allow one click installations for domains on cloud and dedicated accounts.
How to see the Let's Encrypt certificated issued for your account?
To access the Let's Encrypt certificate interface, login to your cPanel and click the Let's Encrypt tool in the Security tab.
Once there, you will see a list of the installed certificated for your account.
How to enforce the certificate on your site?
Issuing a certificate is just a first step in making your website work properly over HTTPS. You usually need some additional configuration so that your domain is not accessible both over http and https, in order to avoid duplicate content. Additionally you may need to rewrite any links to external content, so that your site does not show warnings for mixed content in the browser. The best way to do this changes are in your specific application, but if you are not sure how, we have created a shortcut in the Let’s Encrypt interface that allows you to both enforce the certificate and rewrite the links with a single click (more details in our blog).
How to issue and install a new Let's Encrypt certificate yourself
Just select the domain name that you want to issue the certificate for and enter a valid email address. Then, press the Install button to proceed.
In a few moments, you will have a working SSL certificate for your domain name!
Now you just need to configure your application to work via https:// to start using the certificate on your site.
How to renew a Let's Encrypt certificate?
Let’s Encrypt certificates issued by SiteGround are automatically renewed by us until they are canceled. You don't need to do anything manually.
How to cancel a Let's Encrypt certificate?
If you want to cancel an installed certificate just click on the Cancel button next to the domain name.
Check out our Let's Encrypt FAQ database if you have additional questions regarding this service.
Prerequisites before installing a Let's Encrypt certificate
There are a few requirements that a domain should meet so you can install a Let's Encrypt certificate successfully on it.
- The domain and its www subdomain should be both pointed to your cPanel account's IP address. Otherwise the certificate cannot be verified and installed on your domain.
- There should not be a general redirect upon the installation of the certificate, as it would prevent the HTTP validation from completing. You should temporary remove such redirects until the certificate's installation completes. You may safely re-add them after the certificate is successfully installed.
- By default, if you initiate installation of a a Let's encrypt certificate on your primary domain, cPanel would include your parked domains in the installation of the SSL. This means that if you have a parked domain that is not pointed to your cPanel's IP address, the installation of the SSL would fail. You should either point these domains to your cPanel account, or temporary unpark them until the installation completes.
Let's Encrypt limits
The Let's encrypt installation has several rate limits applied and if you have reached one of those, the installation of a new certificate will not be successful. The most frequently met limits are:
- 5 Duplicate certificates successfully issued and installed for the same domain name per week. For instance, if you requested a certificate for the example.com and www.example.com domains, you could request four more certificates for those domains during the week. If you changed the set of names by using a subdomain such as blog.example.com, you would be able to request additional certificates.
- 5 Failed Validations per domain name per hour. If you attempt to install Let's encrypt certificate for your domain name, and the installation fails 5 times, you will not be able to request a new installation in the next hour and you need to wait for the limit to be lifted.
You may review all of the service limits on the official Let's encrypt website here.