The feature AutoSSL that is available on our servers ensure that SSL/TLS certificates are issued and set up automatically for all domains and subdomains on our web hosting accounts. Each time a new domain or subdomain is added to an account, AutoSSL issues a certificate from cPanel/Sectigo, enabling https from the very beginning.
For domains already added to web hosting accounts, AutoSSL makes sure to renew certificates automatically well before they expire. This should ensure that https will work without interruptions, and without any manual handling. However, if you currently have certificates issued via Let’s Encrypt, they will remain managed by Let’s Encrypt in the future as well.
Using AutoSSL
To access AutoSSL, begin by logging on to cPanel. Then click the SSL/TLS Status
icon under Security
.
A bit down on the page, you’ll find a table showing all domains/subdomains on your web hosting account. If the domain currently is using a certificate issued by AutoSSL, you’ll see the following:
If you have domains/subdomains that use our DNS servers, but are pointed towards servers run by another provider, and are planned to continue to do so, it can be a good idea to exclude the domains from AutoSSL. This is also applicable to domains that you’re planning to point to another provider soon. To exclude domains, click Exclude from AutoSSL
. The server will no longer try to issue certificates for that specific domain/subdomain.
The opposite is also true: if you already have a domain set up on a web hosting account but it currently points towards a server from another provider and is excluded from AutoSSL, you can activate SSL for it by clicking Include during AutoSSL
. As soon as the domain is pointed towards our server, a certificate will be issued.
If you choose to include a domain previously excluded from AutoSSL, a certificate will be issued the next time AutoSSL is run on the server. You may also force an AutoSSL run by clicking the Run AutoSSL
button above the list of domains.
You may also choose to include/exclude multiple domains at once. To do this, click the checkbox to the left of each domain and click one of the buttons labelled Include Domains during AutoSSL
or Exclude Domains from AutoSSL
. Hence, you do not have to click individual include- or exclude buttons for each domain separately.
Failed renewals
If AutoSSL would fail to issue or renew a certificate due to any reason, an email will be sent to the registrered email address within cPanel. If you wish to disable these messages, they can be turned off via cPanel.
In these messages, the reason as to why the certificate couldn’t be issued or renewed will be stated. Some common reasons include:
- The domain is not registered or has expired.
- The domain is not pointing towards our server.
- The domain is pointing nowhere.
- The domain is not valid.
Below, an example of such a notification is shown:
Based on the reason as to why the renewal failed, you can take different actions:
- Exclude the domain from AutoSSL (according to the instructions above).
- Remove the domain from the web hosting accounts if the domain is neither pointing at our server or uses our DNS servers.
- Register the domain if you want to use it, if it is available at the moment.