Linux Websites & SEO

Let’s Encrypt for cPanel – From zero to certificate fully installed in around ~12 seconds.

 Let’s Encrypt for cPanel is a cPanel/WHM plugin for the Let’s Encrypt service, which provides your end-users with the ability to instantly issue free trusted SSL certificates for all of their hosted domains.

I am late 3 months only with this article, but who cares?

Why should I use Let’s Encrypt SSL certificate?

It’s free – Anyone who owns a domain can obtain a trusted certificate for that domain at zero cost.
It’s automatic – The entire enrollment process for certificates occurs painlessly during the server’s native installation or configuration process. The renewal occurs automatically in the background.
It’s simple – There’s no payment, no validation emails, and certificates renew automatically.
It’s secure – Let’s Encrypt serves as a platform for implementing modern security techniques and best practices.

So, what is the difference between a free Let’s Encrypt certificate and a paid Comodo certficate?

There is no actual difference in protection.

FAQs

How long is the certificate valid?

SSL certificates generated by Let’s Encrypt are valid for 90 days. This is for two reasons as stated on their blog post:

They limit damage from key compromise and mis-issuance since stolen keys and mis-issued certificates are valid for a shorter period of time.
They encourage automation, which is absolutely essential for ease-of-use. This takes the burden off system administrators to manually handle renewals. Once issuance and renewal are automated, shorter lifetimes won’t be any less convenient than longer ones.

What level of encryption is available?

RSA-signed using 2048-bit RSA keys.

Cryptographic choices

Are wildcard certificates available?

No. This is also no longer necessary since it’s so simple to obtain a free Let’s Encrypt certificate for any domain/subdomain.

What browsers support Let’s Encrypt certs?

Certificates are trusted in all major browsers. View the blog post here:

https://letsencrypt.org/2015/10/19/lets-encrypt-is-trusted.html

Why doesn’t the certificate work with Windows XP?

Users running Windows XP are not able to use the certificate. View the following link for further details:

https://github.com/letsencrypt/letsencrypt/issues/1660
The solution is to add the following to your site’s .htaccess file.

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteCond "%{HTTP_USER_AGENT}" "!(Windows\ NT\ 5\.1|Windows\ NT\ 5\.2)" [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

About the author

Luka Paunovic

I am Linux System Administrator and student of Business economics at John Naisbitt University.
Love to blog and read blogs.