What is AutoSSL?
Is this set up to replace the need for private certificates from Verisign or Geotrust? Or is it just for services other than Apache?
I'm getting bogged down with the new Google "feature" that's going to require all of my sites to run entirely through security certificates (thanks to a simple "log in here" feature that doesn't really need to be secure). For me, that means 75+ new certificates that need to be purchased and installed, so if this can take the place of that then... yay! LOL
-
so if this can take the place of that then... yay! LOL
This blog post should be useful: cPanel & WHM"s AutoSSL | cPanel Blog0 -
Helpful, and thanks! But still not crystal clear. So it provides a domain-validated certificate, which (if I understand correctly) will allow all of my sites to show that they are "secure" without going through a third-party (paid). But the definition of a domain-validated certificate is a little more vague: Domain-validated certificate - Wikipedia Specifically: Chrome and Chromium display a green lock when the site's certificate is valid and its identity has been verified by a trusted third party
In order to work around Google's new rule requiring all pages with login information to be secure, will the AutoSSL cert still give an error, or will it (by default) be "verified by a trusted third party"? If it does work the way I hope, does that mean that cPanel has essentially put Geotrust and Verisign out of the certificates business?0 -
I haven't tried Chrome, but Chromium works just fine on the login pages of my sites that are running cPanel AutoSSL certificates. I get the green padlock in the address bar and no errors or warnings. The only differences I've seen with the AutoSSL certificates is that the AutoSSL certificates automatically renew every 90 days (for free), whereas the paid certs usually last for multiples of one year. With a paid certificate, you sometimes get access to a site seal, and as far as I know those aren't available with cPanel's AutoSSL certs. The 90-day renewal with AutoSSL isn't an issue, since it happens automagically without any intervention on your part once AutoSSL is enabled for an account. I've had really good luck with AutoSSL so far, and I've been using it since last October. I'd say you should give it a try. 0 -
In order to work around Google's new rule requiring all pages with login information to be secure, will the AutoSSL cert still give an error, or will it (by default) be "verified by a trusted third party"?
Hello @GoWilkes, The previous post is accurate. The certificates issued with the AutoSSL feature (through Comodo or Let's Encrypt) are signed certificates and are trusted by Chrome/Chromium. Thank you.0
Please sign in to leave a comment.
Comments
4 comments