Automatic Let's Encrypt SSL certificates on GoDaddy shared hosting for free

Questions and discussion about web design, search engine optimisation and hosting
rusty

Unread post by rusty » 2017-8-8 13:07

Got it to work! Instead of deploying the www......., I just deployed the name without www, since that seems to have been how it was called.

Thanks, also for the quick reply!!



Santeri
Posts: 287
Joined: 2017-7-5 09:58

Unread post by Santeri » 2017-8-22 12:00

Santeri wrote:
2017-7-10 12:52
I updated my pull request in GitHub including this fix: https://github.com/Neilpang/acme.sh/pull/940
My code has been merged to ACME dev branch and can be deployed using

Code: Select all

--deploy-hook cpanel_uapi

Santeri
Posts: 287
Joined: 2017-7-5 09:58

Unread post by Santeri » 2017-9-3 08:16

Good news! Automatic renewal worked today and my first certificate got renewed without any manual intervention. The bad news is that I discovered that if you have multiple subdomains in one certificate, only the first domain will be deployed. If you use the following command to issue and deploy domains one by one, it should work fine for you:

Code: Select all

acme.sh --issue -d webseodesigners.com -d www.webseodesigners.com --dns dns_gd

Code: Select all

acme.sh --deploy -d webseodesigners.com --deploy-hook cpanel
My cpanel hook has been merged to the acme.sh master branch so it is now available for all new installations. The only functional difference compared to these instructions (and my original code) is the name of the hook. Instead of cpanel you need to use cpanel_uapi. Here is an example:

Code: Select all

acme.sh --deploy -d webseodesigners.com --deploy-hook cpanel_uapi
Thanks a lot for helping me and happy hacking!

WP-GD-User

Unread post by WP-GD-User » 2017-11-10 21:32

When I checked my shared GoDaddy server it's only using Red Hat 4.4 and they have no schedule upgrade because it's a shared server. I let them know I'm really unhappy about how slow they are on the upgrade since version 4 stopped being supported years ago. However, I doubt they'll do anything about it since they know I want to use Let's Encrypt which I think is shooting themself in the foot, but that's another subject.

When I went to https://certbot.eff.org/ it only listed RHEL 6 and CentOS/REHL 7 as options for using the Certbot ACME client with Red Hat. Does anyone know if I used RHEL 6 if it would cause issues on installing and renewing my SSL Certs?

Santeri
Posts: 287
Joined: 2017-7-5 09:58

Unread post by Santeri » 2017-11-11 03:55

When I checked my shared GoDaddy server it's only using Red Hat 4.4 and they have no schedule upgrade because it's a shared server.
I haven't tried certbot, but I am using ACME on multiple GoDaddy accounts on their Asia and Europe servers without issues. You can easily just install it and give it a try. If it does not work for you, let me know and I will help you.

WP-GD
Posts: 1
Joined: 2017-11-10 21:34

Unread post by WP-GD » 2017-11-14 22:28

I didn't see an ACME client just called ACME. This is the list Lets Encrypt gives as options: https://letsencrypt.org/docs/client-options/

Santeri
Posts: 287
Joined: 2017-7-5 09:58

Unread post by Santeri » 2017-11-15 13:14

WP-GD wrote:
2017-11-14 22:28
I didn't see an ACME client just called ACME. This is the list Lets Encrypt gives as options: https://letsencrypt.org/docs/client-options/
It's listed as acme.sh. I've been working on that project and using Neil's script on 8 websites currently hosted on GoDaddy.

Santeri
Posts: 287
Joined: 2017-7-5 09:58

Unread post by Santeri » 2018-4-1 12:29

Santeri wrote:
2017-8-3 20:14
I am myself considering ditching GoDaddy and moving to Dreamhost.
Unfortunately I can not recommend Dreamhost any longer. They have a serious configuration error in their email servers. If your email bounces, it takes 3 days before you get a notification. 24 hours should be maximum time for giving a delivery warning.

Dreamhost has refused to fix this problem. I discovered this issue when I notices a mail server configuration error. The emails sent from DreamHost to *@iway.na email addresses in Namibia never go through. Both sides blame each other and neither of them is interested in getting the issue solved. As a customer it is not my problem although both of them seem to think so. Good luck.

mike-bkk

Unread post by mike-bkk » 2018-5-11 13:22

Thanks for all your shares. Will test this tonight.

Regarding Dreamhost, I was mostly quite happy with them for the last few years but they do have a lot of email problems and for the last 2 weeks, they've not replied to any support tickets. Not easy to find a decent, affordable hosting these days, it seems.

Santeri
Posts: 287
Joined: 2017-7-5 09:58

Unread post by Santeri » 2018-5-14 15:44

mike-bkk wrote:
2018-5-11 13:22
Not easy to find a decent, affordable hosting these days, it seems.
Please tell me if you find one. I will move there, too.

TonyCanuck
Posts: 1
Joined: 2018-12-25 03:35

Unread post by TonyCanuck » 2018-12-25 04:00

Hi,

Just following along on this for the first time. I have made it to and completed the step with this line:

Code: Select all

acme.sh --issue -d MYSITE.com -d www.MYSITE.COM -w ~/www --dns dns_gd
Do I need to run any other commands after that now that the script in the original post has been fixed in ACME already (as of Dec 2018)?

Is there a command I can run to see if things will renew correctly, or do we just wait?

Thanks so much for this post!

Santeri
Posts: 287
Joined: 2017-7-5 09:58

Unread post by Santeri » 2018-12-25 08:45

Hi Tony,

You don't need both of these verifying options. Just one is enough:
Webroot -w ~/www
DNS --dns dns_gd

If you have a .htaccess with redirects, then DNS is better. Otherwise you need to add the following exception to your .htaccess redirects

Code: Select all

RewriteRule ^.well-known/ - [L,NC]
Also don't forget to export GD_Key and GD_Secret before using the DNS option.

After issuing certificate you need to deploy it:

Code: Select all

acme.sh  --deploy  -d example.com  --deploy-hook cpanel_uapi
Cron job will be added automatically. Just make sure your email address is correctly added to cpanel to make sure cron output is sent to you by email. This way you will get an error email if renew fails.

In general if things go wrong, you will get an error message. Otherwise everything is fine.

Cheers,

Santeri

TimothyHew
Posts: 4
Joined: 2019-1-27 00:02

Unread post by TimothyHew » 2019-2-4 10:52

Wildcard ssl should be said to automatically applied to DNS server.
But I have a DNS in Namecheap.

How/where can I find TXT record to be used/inserted in Namecheap DNS server?

And my Lets Encrypt Log says,
"...
Starting domain verification process.
Token for checking has been created."

Santeri
Posts: 287
Joined: 2017-7-5 09:58

Unread post by Santeri » 2019-2-5 09:38

TimothyHew wrote:
2019-2-4 10:52
How/where can I find TXT record to be used/inserted in Namecheap DNS server?
TXT record is generated on the fly so you don´t need to add it manually. Namecheap is supported. Here are the instructions how to do it: https://github.com/Neilpang/acme.sh/tre ... -namecheap

If you want to do it manually, here are the instructions: https://github.com/Neilpang/acme.sh#9-u ... anual-mode

Cheers,

Santeri

Santeri
Posts: 287
Joined: 2017-7-5 09:58

Unread post by Santeri » 2020-4-16 19:59

I wrote detailed, step-by-step instruction how to install, configure and use acme.sh including my script: HOWTO: Automatic, free LetsEncrypt SSL certificates on GoDaddy shared hosting

Post Reply