Generate and install free SSL on a Centos VPS

psytanium

January 14, 2021 06:16

Hi, I have a Godaddy SSL certificate installed for 4 years now, but about to expire soon and I have to renew it, but looking for a way to save the SSL cert price and install a free certificate on my Centos VPS server. What do you recommend ? Where to start ? Let's Encrypt or the default CPanel (powered by Sectigo) ? Note: I'm not talking about the cPanel users SSL, but the server, so when I login to WHM or cPanels, or webmails, etc.. Thank you for any direction.

Comments

8 comments

ffeingol

January 14, 2021 11:48
For the server SSL it's going to be the cPanel/Sectigo one by default if you let it. There is not built in method to put a Let's Encrypt cert for the server, but some people have found a way to do it.
0
cPRex Jurassic Moderator

January 14, 2021 13:46
Hey there! @ffeingol is correct that you can get a free SSL from Sectigo on the hostname. You can find more details about how to install this in our support article here:
0
psytanium

January 15, 2021 20:41
For the server SSL it's going to be the cPanel/Sectigo one by default if you let it. There is not built in method to put a Let's Encrypt cert for the server, but some people have found a way to do it.

You mean self signed certificate ? it will generate warnings. Is there a way to install free SSL but without generating warnings ?
0
cPRex Jurassic Moderator

January 15, 2021 20:43
The link I provided explains how you can force the installation of a free certificate on the server's hostname. Is that not working well for you?
0
psytanium

January 15, 2021 20:57
The link I provided explains how you can force the installation of a free certificate on the server's hostname. Is that not working well for you?

Hi, I did as the document explain, just running the command : /usr/local/cpanel/bin/checkallsslcerts
I get the following output: The system will check for the certificate for the "cpanel" service. The system will attempt to verify that the certificate for the "cpanel" service is still valid using OCSP (Online Certificate Status Protocol). The certificate for the "cpanel" service passed all checks. The system will check for the certificate for the "dovecot" service. The system will attempt to verify that the certificate for the "dovecot" service is still valid using OCSP (Online Certificate Status Protocol). The certificate for the "dovecot" service passed all checks. The system will check for the certificate for the "exim" service. The system will attempt to verify that the certificate for the "exim" service is still valid using OCSP (Online Certificate Status Protocol). The certificate for the "exim" service passed all checks. The system will check for the certificate for the "ftp" service. The system will attempt to verify that the certificate for the "ftp" service is still valid using OCSP (Online Certificate Status Protocol). The certificate for the "ftp" service passed all checks.
0
cPRex Jurassic Moderator

January 15, 2021 21:00
Thanks for the output. That looks normal for a certificate that is in good standing. If you want to replace it, it would be best to use the WHM >> Manage Service SSL Certificates are to reset each one to self-signed, and then run that command again to reinstall a valid one. There isn't a way to use that command to overwrite a valid certificate.
0
psytanium

January 16, 2021 07:20
Amazing, thank you. It worked after I did a reset, generated self signed cert, then run the command you provided :)
0
cPRex Jurassic Moderator

January 19, 2021 14:31
Great - I'm glad that's all that was needed!
0

Please sign in to leave a comment.

Comments

Didn't find what you were looking for?