Skip to main content

All certificates changed to Let's encrypt

Comments

5 comments

  • cPanelLauren
    This is dependent on your selection of providers at WHM>>SSL/TLS>>Manage AutoSSL if you have Let's Encrypt Selected then you will only receive certificates from them and vice versa.
    0
  • mikopes
    Thx for the reply. Do we need to run these commands: /scripts/autorepair update_sectigo_cabundles /usr/local/cpanel/bin/checkallsslcerts --force /scripts/restartsrv_apache as is stated here
    0
  • cPanelLauren
    No, like I said this is dependent on your provider selection. The Sectigo issue with CA bundles only affects certificates issued prior to May 1st. If you select Sectigo as your provider when certificates renew they will renew with Sectigo certificates. Furthermore the command /usr/local/cpanel/bin/checkallsslcerts --force
    will only change your hostname SSL not your domain's SSL's. If for some reason you need Sectigo SSL's you'd need to remove the SSL's currently installed and re-run AutoSSL through WHM to install new certificates once you've selected the Sectigo provider.
    0
  • HostXNow_Chris
    I noticed a bit of an issue where I had the Let's Encrypt plugin installed on the server and had AutoSSL from cPanel. Now that cPanel supports free SSLs, I removed the custom Let's Encrypt plugin to help prevent conflict. It works fine with the SSLs provided by cPanel now. If you don't want to use SSL from Let's Encrypt you could remove it and then run /scripts/autorepair update_sectigo_cabundles /usr/local/cpanel/bin/checkallsslcerts --force /scripts/restartsrv_apache
    0
  • cPanelLauren
    I noticed a bit of an issue where I had the Let's Encrypt plugin installed on the server and had AutoSSL from cPanel. Now that cPanel supports free SSLs, I removed the custom Let's Encrypt plugin to help prevent conflict. It works fine with the SSLs provided by cPanel now. If you don't want to use SSL from Let's Encrypt you could remove it and then run /scripts/autorepair update_sectigo_cabundles /usr/local/cpanel/bin/checkallsslcerts --force /scripts/restartsrv_apache

    You shouldn't need the autorepair for new certificates. Just to repair certificates issued prior to May 1
    0

Please sign in to leave a comment.