Automatic Let's Encrypt SSL certificates on GoDaddy shared hosting for free
Got it to work! Instead of deploying the www......., I just deployed the name without www, since that seems to have been how it was called.
Thanks, also for the quick reply!!
Thanks, also for the quick reply!!
-
- Posts: 323
- Joined: 2017-7-5 09:58
My code has been merged to ACME dev branch and can be deployed usingSanteri wrote: ↑2017-7-10 12:52I updated my pull request in GitHub including this fix: https://github.com/Neilpang/acme.sh/pull/940
Code: Select all
--deploy-hook cpanel_uapi
-
- Posts: 323
- Joined: 2017-7-5 09:58
Good news! Automatic renewal worked today and my first certificate got renewed without any manual intervention. The bad news is that I discovered that if you have multiple subdomains in one certificate, only the first domain will be deployed. If you use the following command to issue and deploy domains one by one, it should work fine for you:
My cpanel hook has been merged to the acme.sh master branch so it is now available for all new installations. The only functional difference compared to these instructions (and my original code) is the name of the hook. Instead of cpanel you need to use cpanel_uapi. Here is an example:
Thanks a lot for helping me and happy hacking!
Code: Select all
acme.sh --issue -d webseodesigners.com -d www.webseodesigners.com --dns dns_gd
Code: Select all
acme.sh --deploy -d webseodesigners.com --deploy-hook cpanel
Code: Select all
acme.sh --deploy -d webseodesigners.com --deploy-hook cpanel_uapi
When I checked my shared GoDaddy server it's only using Red Hat 4.4 and they have no schedule upgrade because it's a shared server. I let them know I'm really unhappy about how slow they are on the upgrade since version 4 stopped being supported years ago. However, I doubt they'll do anything about it since they know I want to use Let's Encrypt which I think is shooting themself in the foot, but that's another subject.
When I went to https://certbot.eff.org/ it only listed RHEL 6 and CentOS/REHL 7 as options for using the Certbot ACME client with Red Hat. Does anyone know if I used RHEL 6 if it would cause issues on installing and renewing my SSL Certs?
When I went to https://certbot.eff.org/ it only listed RHEL 6 and CentOS/REHL 7 as options for using the Certbot ACME client with Red Hat. Does anyone know if I used RHEL 6 if it would cause issues on installing and renewing my SSL Certs?
-
- Posts: 323
- Joined: 2017-7-5 09:58
I haven't tried certbot, but I am using ACME on multiple GoDaddy accounts on their Asia and Europe servers without issues. You can easily just install it and give it a try. If it does not work for you, let me know and I will help you.When I checked my shared GoDaddy server it's only using Red Hat 4.4 and they have no schedule upgrade because it's a shared server.
-
- Posts: 1
- Joined: 2017-11-10 21:34
I didn't see an ACME client just called ACME. This is the list Lets Encrypt gives as options: https://letsencrypt.org/docs/client-options/
-
- Posts: 323
- Joined: 2017-7-5 09:58
It's listed as acme.sh. I've been working on that project and using Neil's script on 8 websites currently hosted on GoDaddy.WP-GD wrote: ↑2017-11-14 22:28I didn't see an ACME client just called ACME. This is the list Lets Encrypt gives as options: https://letsencrypt.org/docs/client-options/
-
- Posts: 323
- Joined: 2017-7-5 09:58
Unfortunately I can not recommend Dreamhost any longer. They have a serious configuration error in their email servers. If your email bounces, it takes 3 days before you get a notification. 24 hours should be maximum time for giving a delivery warning.
Dreamhost has refused to fix this problem. I discovered this issue when I notices a mail server configuration error. The emails sent from DreamHost to *@iway.na email addresses in Namibia never go through. Both sides blame each other and neither of them is interested in getting the issue solved. As a customer it is not my problem although both of them seem to think so. Good luck.
Thanks for all your shares. Will test this tonight.
Regarding Dreamhost, I was mostly quite happy with them for the last few years but they do have a lot of email problems and for the last 2 weeks, they've not replied to any support tickets. Not easy to find a decent, affordable hosting these days, it seems.
Regarding Dreamhost, I was mostly quite happy with them for the last few years but they do have a lot of email problems and for the last 2 weeks, they've not replied to any support tickets. Not easy to find a decent, affordable hosting these days, it seems.
-
- Posts: 1
- Joined: 2018-12-25 03:35
Hi,
Just following along on this for the first time. I have made it to and completed the step with this line:
Do I need to run any other commands after that now that the script in the original post has been fixed in ACME already (as of Dec 2018)?
Is there a command I can run to see if things will renew correctly, or do we just wait?
Thanks so much for this post!
Just following along on this for the first time. I have made it to and completed the step with this line:
Code: Select all
acme.sh --issue -d MYSITE.com -d www.MYSITE.COM -w ~/www --dns dns_gd
Is there a command I can run to see if things will renew correctly, or do we just wait?
Thanks so much for this post!
-
- Posts: 323
- Joined: 2017-7-5 09:58
Hi Tony,
You don't need both of these verifying options. Just one is enough:
Webroot -w ~/www
DNS --dns dns_gd
If you have a .htaccess with redirects, then DNS is better. Otherwise you need to add the following exception to your .htaccess redirects
Also don't forget to export GD_Key and GD_Secret before using the DNS option.
After issuing certificate you need to deploy it:
Cron job will be added automatically. Just make sure your email address is correctly added to cpanel to make sure cron output is sent to you by email. This way you will get an error email if renew fails.
In general if things go wrong, you will get an error message. Otherwise everything is fine.
Cheers,
Santeri
You don't need both of these verifying options. Just one is enough:
Webroot -w ~/www
DNS --dns dns_gd
If you have a .htaccess with redirects, then DNS is better. Otherwise you need to add the following exception to your .htaccess redirects
Code: Select all
RewriteRule ^.well-known/ - [L,NC]
After issuing certificate you need to deploy it:
Code: Select all
acme.sh --deploy -d example.com --deploy-hook cpanel_uapi
In general if things go wrong, you will get an error message. Otherwise everything is fine.
Cheers,
Santeri
-
- Posts: 4
- Joined: 2019-1-27 00:02
Wildcard ssl should be said to automatically applied to DNS server.
But I have a DNS in Namecheap.
How/where can I find TXT record to be used/inserted in Namecheap DNS server?
And my Lets Encrypt Log says,
"...
Starting domain verification process.
Token for checking has been created."
But I have a DNS in Namecheap.
How/where can I find TXT record to be used/inserted in Namecheap DNS server?
And my Lets Encrypt Log says,
"...
Starting domain verification process.
Token for checking has been created."
-
- Posts: 323
- Joined: 2017-7-5 09:58
TXT record is generated on the fly so you don´t need to add it manually. Namecheap is supported. Here are the instructions how to do it: https://github.com/Neilpang/acme.sh/tre ... -namecheapTimothyHew wrote: ↑2019-2-4 10:52How/where can I find TXT record to be used/inserted in Namecheap DNS server?
If you want to do it manually, here are the instructions: https://github.com/Neilpang/acme.sh#9-u ... anual-mode
Cheers,
Santeri
-
- Posts: 323
- Joined: 2017-7-5 09:58
I wrote detailed, step-by-step instruction how to install, configure and use acme.sh including my script: HOWTO: Automatic, free LetsEncrypt SSL certificates on GoDaddy shared hosting