Knowledge Base

How to secure a cPanel-enabled account with a Let's Encrypt SSL certificate

This article discusses how Let's Encrypt can automatically generate, install, and renew SSL certificates on a cPanel-enabled hosting account.

Let's Encrypt is also enabled for all Windows hosting plans. For information about managing Let's Encrypt on Windows servers, please see this article.

About Let's Encrypt

Let's Encrypt is part of an initiative to encrypt as much World Wide Web traffic as possible. It is designed to make creating, installing, and renewing SSL certificates a simple and straightforward process.

Although Let's Encrypt SSL certificates are signed by a valid CA (certificate authority), there are some significant differences these certificates and those issued by a traditional CA. For more information about these differences, please see this article.

Using Let's Encrypt

Let's Encrypt is enabled for all new and most existing Webhosting and Reseller cPanel accounts. To see if Let's Encrypt is enabled for your account, click on the SSL/TLS icon in the Security section of cPanel. Then click Generate, view, upload, or delete SSL certificates. Let's Encrypt will appear in the Issuer column on the next page unless non-Let's Encrypt certificates were previously installed.

When Let's Encrypt is enabled for your account, you do not have to do anything else. The entire process of generating, installing, and renewing SSL certificates is done automatically. (The server has a process running that automatically renews Let's Encrypt certificates every 90 days so they stay valid.)

When Let's Encrypt is activated for a cPanel account, certificates are created for every existing domain and any domain that is added later.

When Let's Encrypt is enabled for an account, it does not overwrite any existing SSL certificates that are already installed on the account. All non-Let's Encrypt certificates take precedence, and are enabled before any Let's Encrypt certificates.

More Information

For more information about Let's Encrypt, please visit https://letsencrypt.org.