AutoSSL After Web Host Migration
I recently changed web hosting companies. Domains were issued AutoSSLs via Let's Encrypt on the previous web host, and will be expiring next month. The new web host offers AutoSSL via Comodo.
**SCENARIO**
cPanel 'Notices' based on WHM AutoSSL settings " cPanel > SSL/TLS Status > Various Domains / WHM > Manage AutoSSL > [Options]
- WHM: Without [ ] Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates checked
- cPanel SSL/TLS Status Domain Notice:
|-> Domain Validated
|-> Expires on August 22, 2018. The certificate will not renew via AutoSSL because it was not issued via AutoSSL.
- WHM: With [?] Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates checked
- cPanel SSL/TLS Status Domain Notice:
|-> The certificate will renew via AutoSSL.
QUESTIONS:
- By checking [?] Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates in WHM > Manage AutoSSL > [Options], will this override the currently installed Let's Encrypt SSL certificate for every domain/alias domain?
- Is there a way to 'Force' certificate renewal? (as to force the new server to 'manage' SSLs going-forward, rather than wait for renewal)
- Once AutoSSL is being generated by the new web hosting server, will newly-added Alias Domains be automatically included on the certificate?
- On the previous web host, when a new Alias was added to cPanel, within an hour, it would be included in the SSL Certificate generated by Let's Encrypt without having to Renew the cert.
- NOTICE -> The installed certificate does not cover this domain.
- Can I DELETE the Let's Encrypt Certificate to force AutoSSL to generate a new one?
-
Hi @sli.studios By checking [?] Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates in WHM > Manage AutoSSL > [Options], will this override the currently installed Let's Encrypt SSL certificate for every domain/alias domain?
Checking this will override the currently installed certificate when it expires.Is there a way to 'Force' certificate renewal? (as to force the new server to 'manage' SSLs going-forward, rather than wait for renewal)
The only way to do what you're requesting would be to remove the existing certificate which can be done by going to WHM>>SSL/TLS>>Manage SSL hosts and clicking delete next to the certificates you'd like to remove - this would depend on whether or not your reseller user has access to this UI. If not you can remove these from cPanel>>Security>>SSL/TLS -> Install and Manage SSL for your siteOnce AutoSSL is being generated by the new web hosting server, will newly-added Alias Domains be automatically included on the certificate?
- On the previous web host, when a new Alias was added to cPanel, within an hour, it would be included in the SSL Certificate generated by Let's Encrypt without having to Renew the cert.
- NOTICE -> The installed certificate does not cover this domain.
If they're added after the certificate is provisioned AutoSSL should run again in an attempt to provide coverage for all domains so yes they should be covered under a new certificate encompassing all domains on the account.Can I DELETE the Let's Encrypt Certificate to force AutoSSL to generate a new one?
Yes, definitely this would resolve the issue if you'd like to remove the Let's Encrypt Certificate in favor of the cPanel Backed by Comodo certificate. Thanks!0 -
Hello @cPanelLauren, thank you for the reply! I think I'll go with the DELETE & Re-Issue option and see how it goes.. FYI, I have root access to the server & software :) 0 -
Hi @sli.studios Sounds like a good plan, I wasn't sure if you had root access as your Access level is set to Reseller Owner in your profile. 0
Please sign in to leave a comment.
Comments
3 comments