AutoSSL Letsencrypt for services
Hello,
I have been using the cPanel API to install certificates based on this thread:
[How-To] Installing SSL from Let's Encrypt
However, I have switched to AutoSSL and I am wondering how I can have the autossl certificates installed for services (mail, whm, cPanel).
1. Is it possible?
2. If not, where are the certificates used by AutoSSL so I can install them via the API
3. IF so, what are the settings that I need to update?
4. Do I need dedicated IP addresses for the domains for which I want to use this?
This is my current command for installing services ssl
I am interested in knowing the locations of Autossl certificates anyway. Where are these? Cpanel version 58 build 28 Thank you!
my $request = HTTP::Request->new( POST => "https://127.0.0.1:2087/json-api/install_service_ssl_certificate?api.version=1&service=$service&crt=$cert&key=$key" );
$request->header( Authorization => $auth );
my $response = $ua->request($request);I am interested in knowing the locations of Autossl certificates anyway. Where are these? Cpanel version 58 build 28 Thank you!
-
However, I have switched to AutoSSL and I am wondering how I can have the autossl certificates installed for services (mail, whm, cPanel). 1. Is it possible? 2. If not, where are the certificates used by AutoSSL so I can install them via the API 3. IF so, what are the settings that I need to update? 4. Do I need dedicated IP addresses for the domains for which I want to use this?
Hello, Free cPanel-signed certificates for the hostname (for use with your services) are automatically generated as of cPanel 56. Here's the relevant quote from the New in version 56- Revoked. " New in version 56
- Self-signed.
- Invalid (For example, your server's hostname must be valid and resolve in DNS).
- Expires in less than one week. Note: Comodo" cross-signs these cPanel-signed certificates for additional security. Your server will automatically order the free signed certificate when the server runs the /usr/local/cpanel/bin/checkallsslcerts tool as part of the upcp maintenance script and connects to the license server. The server will download and install the certificate when it is available. When that signed certificate is less than seven days from expiration, your server will automatically order a replacement free signed certificate. The server will download and install the certificate when it is available. Otherwise, if the signed certificate expires, the server will install a self-signed certificate, and then replace that certificate with the free signed certificate when it is ready. If you wish to replace your services certificate with one from another provider, use WHM's .
Could you verify if this is the functionality you are seeking, or are you attempting to install your own custom SSL certificates for the services? Thank you.0 -
Ah. I did not know that. I have activated that now by reseting the certificate and running the script. All is up and running now. I will use SNI for the other domain names and start using the hostname for WHM/CPanel and the generic email server. 0 -
I'm happy to see that information helped. Thank you for updating this thread with the outcome. 0
Please sign in to leave a comment.
Comments
3 comments