BuycPanel Blog

BuycPanel Blog

Latest news and updates

The Let’s Encrypt Plugin

Posted by Allura on 31 08 2018.

Introduction
The Let’s Encrypt™ plugin allows users with cPanel accounts to automatically furnish sites with Let’s Encrypt SSL certificates, if they do not possess valid CA-signed SSL certificates.

cPanel is designed to work either as virtual private server or a dedicated server, it is a hard to remove software. Plugins add new uses to the cPanel interface. Different cPanel themes have specific and inherently different requirements for cPanel Plugins.

TSL And SSL
The Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are protocols used by servers to safely communicate over the internet. These protocols can only work after the computer and the system have agreed on certain specified provisions. Most exigent of which is a set of public and private keys, which help encrypt and decrypt messages.

SSL certificates need to be reset before it can expire. Once it expires it becomes invalid. After the certificate for the cPanel account expires users are notified…

Introduction

The Let’s Encrypt™ plugin allows users with cPanel accounts to automatically furnish sites with Let’s Encrypt SSL certificates, if they do not possess valid CA-signed SSL certificates.

cPanel is designed to work either as virtual private server or a dedicated server, it is a hard to remove software. Plugins add new uses to the cPanel interface. Different cPanel themes have specific and inherently different requirements for cPanel Plugins.

TSL And SSL

The Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are protocols used by servers to safely communicate over the internet. These protocols can only work after the computer and the system have agreed on certain specified provisions. Most exigent of which is a set of public and private keys, which help encrypt and decrypt messages.

SSL certificates need to be reset before it can expire. Once it expires it becomes invalid. After the certificate for the cPanel account expires users are notified via emails. The system is designed to automatically renew self-signed certificates after they expire, users can also renew them manually.

Servers have the ability to produce and sign their own certificates. However such if the server signs its own certificates instead of going through a third party verification, it can be easily copied by any unauthorised server. Hence, a certificate obtained through a CA instead of a self signed one is recommended. This is where the Let’s Encrypt™ plugins come into play, by providing cPanel accounts with Let’s Encrypt SSL certificates in case they do not have valid CA-signed SSL certificates.

Installation Process

For installing the Plugins users have to abide by the following process-

  • Log in to the command line via SSH as the root user.
  • Run the given command

/scripts/install_lets_encrypt_autossl_provider

For Disabling and Uninstalling the Let’s Encrypt™ Plugin one needs to run the /usr/local/cpanel/scripts/uninstall_lets_encrypt_autossl_provider command.

Configuration Process

In order to select Let’s Encrypt as the AutoSSL provider, users need to avail WHM’s Manage AutoSSL interface (WHM >> Home >> SSL/TLS >> Manage AutoSSL).

 

Conclusion

If users follow the given instructions to install and configure their Let’s Encrypt™ plugins they can easily have access to legitimate Let’s Encrypt SSL certificates, even if they do not have access to valid  CA-signed SSL certificates. Which are recommended to reduce the chances of an external server copying the produced certificates without authorisation.