{"id":524,"date":"2021-07-23T12:32:06","date_gmt":"2021-07-23T12:32:06","guid":{"rendered":"https:\/\/ssdsunucum.com\/blog\/the-lets-encrypt-plugin\/"},"modified":"2021-07-23T12:32:06","modified_gmt":"2021-07-23T12:32:06","slug":"the-lets-encrypt-plugin","status":"publish","type":"post","link":"https:\/\/ssdsunucum.com\/blog\/the-lets-encrypt-plugin\/","title":{"rendered":"The Let&#8217;s Encrypt\u2122 Plugin"},"content":{"rendered":"<\/p>\n<div class=\"col-md-9\">\n<div class=\"flex-column flex-md-row article-header\">\n<div id=\"versioned-article-header\">\n<p class=\"valid-version-info\"><em>Valid for versions 88 through the latest version<\/em><\/p>\n<\/div>\n<div id=\"version-select-group\" aria-label=\"select versions\">\n<h4>Version:<\/h4>\n<h4>82<\/h4>\n<h4>84<\/h4>\n<h4>86<\/h4>\n<h4>88<\/h4>\n<\/div><\/div>\n<hr>\n<h2 id=\"overview\">Overview<\/h2>\n<p>This plugin allows the AutoSSL feature to issue certificates from the Let\u2019s Encrypt\u2122 provider. You can use this plugin if you do not want to use cPanel\u2019s default provider. Let\u2019s Encrypt can issue certificates faster than the cPanel (powered by Sectigo) default provider. It also allows you to secure wildcard domains, which the default provider cannot do. However, unlike the default provider, Let\u2019s Encrypt imposes significant rate and domain limits. For more information, read our Guide to SSL documentation.<\/p>\n<div class=\"callout callout-warning\">\n<div class=\"callout-heading\">Important:<\/div>\n<div class=\"callout-content\">\n<ul>\n<li>This plugin does <strong>not<\/strong> generate hostname certificates for your system\u2019s services. It only generates SSL certificates for your cPanel accounts. For more information, read our Manage AutoSSL documentation.<\/li>\n<li>Let\u2019s Encrypt provides all future SSL and Wildcard SSL certificates when you select Let\u2019s Encrypt as your default provider. For more information on generating SSL certificates, read our Generate an SSL Certificate and Signing Request documentation.<\/li>\n<li>The Common Name (CN) entry of an SSL certificate is cosmetic and does <strong>not<\/strong> affect the security of a certificate.<\/li>\n<li>An SSL certificate\u2019s CN does <strong>not<\/strong> need to be the main domain. The certificate covers <em>all<\/em> domains listed in the certificate\u2019s Subject Alternative Name (SAN) field.<\/li>\n<\/ul><\/div>\n<\/div>\n<h3 id=\"wildcard-domains\">Wildcard domains<\/h3>\n<p>The Let\u2019s Encrypt provider allows AutoSSL to use wildcard domains to reduce the number of domains for each certificate. This helps reduce the size of SSL certificates, which will reduce the time of the SSL\/TLS handshake process. This also allows users to secure more domains without reaching Let\u2019s Encrypt\u2019s domain limits.<\/p>\n<p>For example, your <code>example.com<\/code>, <code>www.example.com<\/code>, and <code>mail.example.com<\/code> domains share a website. The Let\u2019s Encrypt provider lets AutoSSL acquire a certificate for only the <code>example.com<\/code> and <code>*.example.com<\/code> domains. When the issued certificate contains the <code>*.example.com<\/code> wildcard domain, that certificate also matches all first-level subdomains of <code>example.com<\/code>. In this example, this includes the <code>www.example.com<\/code> and <code>mail.example.com<\/code> domains.<\/p>\n<h4 id=\"limitations\">Limitations<\/h4>\n<p>If you use the Let\u2019s Encrypt plugin to issue certificates for wildcard domains, be aware that:<\/p>\n<ul>\n<li>\n<p>This plugin cannot use HTTP DCV challenges to issue certificates for wildcard domains. This is because Let\u2019s Encrypt does not support this type of challenge. For more information, read Let\u2019s Encrypt\u2019s HTTP-01 challenge type documentation.<\/p>\n<\/li>\n<li>\n<p>You cannot use this plugin to obtain certificates for wildcard domains if you use third-party DNS hosting. You <strong>must<\/strong> host DNS on your local cPanel &#038; WHM server or within the server\u2019s DNS cluster.<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"installation\">Installation<\/h2>\n<p>To install the plugin, perform the following steps:<\/p>\n<ol>\n<li>\n<p>Log in to the server as the <code>root<\/code> user.<\/p>\n<\/li>\n<li>\n<p>Run the following command:\n<\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-BASH\" data-lang=\"BASH\">\/usr\/local\/cpanel\/scripts\/install_lets_encrypt_autossl_provider<\/code><\/pre>\n<\/div>\n<\/li>\n<li>\n<p>Log in to WHM and navigate to the <em>Manage AutoSSL<\/em> interface (<em>WHM<\/em> &gt;&gt; <em>Home<\/em> &gt;&gt; <em>SSL\/TLS<\/em> &gt;&gt; <em>Manage AutoSSL<\/em>).<\/p>\n<\/li>\n<li>\n<p>In the <em>Providers<\/em> tab, select the <em>Let\u2019s Encrypt\u2122<\/em> option. The interface will display the <em>Terms of Service<\/em> section.<\/p>\n<\/li>\n<li>\n<p>Review Let\u2019s Encrypt\u2019s terms of service. If you agree, select the <em>I agree to these terms of service<\/em> option.<\/p>\n<\/li>\n<li>\n<p>Click <em>Save<\/em>.<\/p>\n<\/li>\n<\/ol>\n<h2 id=\"recreate-your-registration\">Recreate your registration<\/h2>\n<p>In the <em>Manage AutoSSL<\/em> interface, check the <em>Recreate my current registration with \u201cLet\u2019s Encrypt\u2122\u201d.<\/em> box after you accept the terms of service to recreate your provider registration. This replaces your current registration with a new one. This is optional and not required to use the Let\u2019s Encrypt provider.<\/p>\n<h2 id=\"uninstall-the-plugin\">Uninstall the plugin<\/h2>\n<p>To uninstall the plugin, perform the following steps:<\/p>\n<ol>\n<li>\n<p>Log in to the server as the <code>root<\/code> user.<\/p>\n<\/li>\n<li>\n<p>Run the following command:\n<\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-BASH\" data-lang=\"BASH\">\/usr\/local\/cpanel\/scripts\/uninstall_lets_encrypt_autossl_provider<\/code><\/pre>\n<\/div>\n<\/li>\n<\/ol><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Valid for versions 88 through the latest version Version: 82 84 86 88 Overview This plugin allows the AutoSSL feature to issue certificates from the Let\u2019s Encrypt\u2122 provider. You can use this plugin if you do not want to use cPanel\u2019s default provider. Let\u2019s Encrypt can issue certificates faster than the cPanel (powered by Sectigo) &hellip;<\/p>\n","protected":false},"author":1,"featured_media":525,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/524"}],"collection":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/comments?post=524"}],"version-history":[{"count":0,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/524\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media\/525"}],"wp:attachment":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media?parent=524"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/categories?post=524"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/tags?post=524"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}