Replace existing cert with lets encrypt

Erik Ellsinger

• October 19, 2016 13:24

I got the impression that the Auto SSL (with the Lets Encrypt plugin) would replace even non Lets Encrypt cert when they were close to expiring. But nothing happend to my Start SSL certificates when they were under a week from expiring. Did I get the wrong impression? Is it possible for Auto SSL to replace non Lets Encrypt certificates? Removing the Start SSL certificates is not an option since I have hsts with a years cache.

• 

  cPLevey

  • October 19, 2016 22:02

  Hello Erik, Great question! By default, AutoSSL will not attempt to replace pre-existing certificates that it did not issue. This behavior prevents the unexpected replacement of Extended Validation (EV) and Organizational Validation (OV) certificates from a certificate authority (CA) by AutoSSL-provided certificates. However, if you wish to allow AutoSSL to replace certificates that it did not issue, select the Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates. option.
  More details can be found in the

  0
• 

  Erik Ellsinger

  • October 20, 2016 18:52

  Feels like I'm blind but where exactly in WHM do I find that option?

  0
• 

  cPLevey

  • October 20, 2016 18:55

  @Erik Ellsinger You should be able to find this option by navigating to WHM (Home "SSL/TLS "Manage AutoSSL) and clicking on the [ Options ] tab. I've attached a screen shot of this check box option.

  0
• 

  Erik Ellsinger

  • October 20, 2016 19:02

  I don't have that tab, this is how it looks for me:

  0
• 

  cPLevey

  • October 20, 2016 19:15

  Thanks for the update. After doing some more research, it appears this was a new implementation in version 60.

  0
• 

  Erik Ellsinger

  • October 20, 2016 19:22

  I see, will activate it when I update to version 60 then.

  0

Please sign in to leave a comment.