Oderland supports the use of Let’s Encrypt on all of our hosting accounts. This means that you can easily make your website or application safer by installing a SSL certificate to encrypt the web traffic to and from the web server.
Let’s Encrypt is a service that automatically generates valid SSL certificates for free. The certificates are valid for three months and will automatically renew one month before they expire. If you are not familiar with what SSL/TLS is, you can read more about it here.
Installing a certificate
To get started with Let’s Encrypt you need to do the following:
- Login to cPanel.
- Once you have logged in, find the group called
Security
and click the button that saysLets Encrypt SSL
. - You will see a page which displays your domains and any active Let’s Encrypt certificates you might have.
- To issue a certificate for a domain, click on the link that says
Issue
just to the right of the domain. - If you have any Aliases attached to that domain name you will be given the option to install Let’s Encrypt for those domains as well.
- When asked for the SSL validation method you should leave it on
http-01
(the default) unless you are issuing a wildcard certificate. - Click on
Issue
when you are done.
When it is finished you should be seeing the new certificate under the section Your domains with Let's Encrypt™ certificates
. You should be able to see which domain that is the CN (common name) for the certificate (see the domain column), what other domains that are included in the certificate (alternative names) and when the certificate expires. You can also remove, reinstall or display the certificate.
By now your website is available to both unencrypted traffic (http) as well as encrypted traffic (https). You can add a redirect to steer visitors onto https (secure).
Common issues
- If there is an error while issuing your certificate it could be due to a rule in your
.htaccess
file which stops Let’s Encrypt from accessing your website. You can try to add the following code to the top of your .htaccess file. The code allows Lets Encrypt to access the .well-known folder which it uses for authentication. You can add this code by using the File manager in cPanel. Just remember that the .htaccess file is a hidden file so you need to make sure show hidden files is activated.RewriteEngine on RewriteCond %{REQUEST_URI} ^/.well-known/(pki-validation|acme-challenge)/ [NC] RewriteRule .* - [L]
- You cannot issue Let’s Encrypt certificates for a subdomain to the hemsida.eu domain.
- If the main domain of your hosting account is a subdomain for hemsida.eu and you are trying to issue a certificate for an Alias then the process will fail. You will need to remove the Alias and then add that domain as an Addon Domain instead. Keep in mind that any changes that you have made to DNS will be reset if you do this.
- If the domain you are issuing a certificate for is not pointing to our server then Let’s Encrypt will not be able to verify the request. You must first point the domain to the server where your web hosting account is located.