cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution

Lets Encrypt SSL

Why is GoDaddy not supporting the free Lets Encrypt SSL certificate option which most good hosts seem to be doing? Is it just to make more money by selling a certificate at $69 a year?

Even specialist WordPress hosting such as WPEngine offer this free option so why not Godadddy?????

1 ACCEPTED SOLUTION
104 REPLIES 104

ok, I can do that. Should I update the acme.sh? What command should I use to reinstall it? The new version has the crontab command creation in the install?

Update the acme.sh with:

 

acme.sh --upgrade

And do all the steps starting with "Create API keys"

If you issue and deploy the certs, acme will create a cron job for auto-renewing. If you want, you can see that cronjob with command "crontab -e". 

Thanks @emreuenal and @HLF-admin for the great posts on auto-renewing Lets Encrypt on GoDaddy.

 

We recently signed up for shared cPanel hosting on GD, and I want to install Lets Encrypt without having to manually update it every 89 days.

 

While I'm pretty tech-savvy in general on Windows and PC hardware, I admit to being completely clueless when it comes to unix/ssh. As I read your posts, I can already see myself either (a) spending another 20 hours learning enough to try to understand your scripts, or (b) forging ahead blindly and screwing up our hosting account, or (c) both of the above.

 

This is a big ask, but since you've already been so generous with your time in following up on this topic, is there any way either of you could post a screenshare video on YouTube or somewhere else that walks complete unix/ssh noobs like me through finding an ssh tool for Windows and setting up that script on GoDaddy's shared hosting? (Or if you're aware of such a video already, post a link to it?)

 

Reading through the thread, I'm sure it would help a lot of people other than just myself (and probably save you a lot of time following up on posts).

 

Dunno if that's possible, but needed to ask before I waste a lot of time studying and end up screwing up our shared hosting anyways. 😉

 

Thx again,

jobb

Sorry for the delay in replying. Focused elsewhere.

 

While there are plenty of options to make an SSH connection to your server, PuTTY seems to be the most popular, and in my experience standalone application is better than a client imbedded into the OS. My reason mostly is due to easily saved configurations for multiple connections.

SSH.com is a good resource. Check them out here for more info. This part is an easy learning curve to get in front of. Download and install the app appropriate for your environment.

 

The next part is a little different depending on what your hosting server is. You will use basically the same credentials as your FTP access. Host, username and password. You should open up in your home directory. Let your first activities be getting used to viewing directories and permissions.

 

For purposes of installing the Let'sEncrypt certificates, follow the instructions outlined in earlier posts. Generally speaking, server environments, whether shared or VPS, have permissions required to perform commands. If you do not have permission, the system won't let you. I was told that while it *is* possible to break something, permissions won't let you kill everything. And in my experience so far, the critical things are locked down.

 

As for why the command line entries do what they do, you should spend a little time to get up on the learning curve anyway. Hours or days or weeks doesn't matter because once you start to tweak your share of the black box you won't want to go backwards to just letting someone else do all the work. If that's all you wanted "I just want it to work," you have the privilege of paying GoDaddy for their certificate. They install it and make it just "work."

 

Please don't take this comment as anything other than what it is: an invitation to explore the depths of internet infrastructure. For me, it's a learn-as-I-go process, an adventure. Google is my friend, and so are the folks here in the GoDaddy Community.

 

Good luck, and dive in.

 

 

jobb,

I dug the info what @emreuenal and @HLF-admin provided and prepared a detailed step-by-step manual on how to set up auto-renewal of Let's Encrypt on GoDaddy shared hosting for my customers. Please take a look and let me know (in private message) if you get any problems following the instructions:

 

https://hostbrook.com/lets-encrypt-auto-renewal/

 

I have checked it on Deluxe Hosting with cPanel, it works perfectly. Thanks a lot to  @emreuenal and @HLF-admin !

Sincerely,
Dzyanis Sukhanitski

@dzyanis and @emreunal and @HLF-admin 

Thank you so much for your information and help!

I am about to start testing this on a couple of test domains.

 

I realise, before I start, that there are three important security questions to answer.

  1. How do I revoke a certificate once it has been issued? This is what I think should be done, but I don't want to make a mess.
    acme.sh --revoke --domain example.com --domain '*.example.com' --dns dns_gd
    acme.sh --remove --domain example.com --domain '*.example.com' --deploy-hook cpanel_uapi
  2. How do I tell acme that I no longer want to renew a specific certificate, e.g. if I get rid of a domain? Again, this is what I think should be done, but I don't want to make a mistake.
    acme.sh --remove --domain example.com --domain '*.example.com'
  3. Finally, I know that I can upgrade acme.
    acme.sh --upgrade
    The problem is that this isn't an automatic process, which means that I could forget to do it. So, here's the question: Does acme do this automatically with its cron job? Or, should I add a cron job to do this automatically? Or, is there a way to be notified when acme is updated, so that I know to run this command?

Thank you again!

Hello @PaddyLandau,

1. To revoke a certificate:

acme.sh --revoke -d example.com

2. To stop certificate renewal (to remove the cert from the renewal list😞

acme.sh --remove -d example.com

3. To make  acme.sh be kept up to date automatically:

acme.sh --upgrade --auto-upgrade

 To disable auto-upgrade:

acme.sh --upgrade --auto-upgrade 0

 Hopefully, it helps you.

Sincerely,
Dzyanis Sukhanitski

@Bnystrom - I know someone else has asked this before too, but can you share the process involved in setting up Letsencrypt on Godaddy Deluxe Hosting Linux (Shared). Thanks!

I am so totally with you on this.  In Motion Hosting offers free SSL for sites that don't have ecommerce.  My Godaddy hosting is for small website, non-profits and yet they want to charge me like I'm a big business.

 

Would be a different story if they allowed Let's Encrypt.  I am so frustrated!!!  GoDaddy use to care about it's customers but I am getting very fed up with the way they treat existing customers.

I've been with GoDaddy since 1997 and byte by byte they have taken a bite out of my pocket.  Over the last few years I've started sites (7) on Siteground - first for their live chat customer service and GoGeek service that solved problems keeping me free to work. Recently, I have installed the free Lets Encrypt on the Siteground sites and wanted to do the same on my GoDaddy sites to find how difficult they make it and how costly it would be.

 

I guess after 21 years of paying rent to GoDaddy it's time to move.

 

 That's the conclusion I have come to as well.  But, 21 years! Good on you.

 

As you mention, there are other options, and I've decided to also move on.

I'll be making the move to a different service in the coming weeks.

I feel your pain. I have clients who still use GoDaddy and I cringe whenever a new prospective clients states they are using GD.

Leaving GD will be the best thing you can ever do. Move to quality host such as WPEngine. If you prefer to pay less but get quality hosting, use someone like Hostgator, BlueHost, or Siteground. Hostgator & Bluehost offer free SSL. WPEngine & Siteground offer paid SSL or free Let's Encrypt SSL.

Thank you for this info - I see HostGator and Bluehost touted often on sites with affiliate links - and so never quite sure if they are just pushing it as they get a % or if they are actually good companies to use but possibly just both. 

 

I have kept my GD account on a monthly pay as I go as it is the same cost monthly or yearly - (no savings for long-term which is odd) anyway I'll be moving my sites shortly. 

Count me in as a user who has been with GoDaddy for a very long time and will be leaving very soon for BlueHost.

 

Small bloggers, large businesses... GoDaddy is about to find out that all money is green. When an animal is trapped, in this case by Google's SSL requirement, it's fight or flight.

 

Flight it is. I really hope some one at GoDaddy is listening; this is my breaking point and I'd rather not have to do this.

I'm trying to setup letsencrypt on a VPS, not hosted by godaddy, and the DNS challenge is failing even after adding the required TXT entry to DNS. I think godaddy is being malicious in blocking free ssl certs. Prove me wrong!

So do GD reps ever step in and help or explain how to solve these issues? Usually the service department is super helpful that’s the one thing I’ve liked, if not they should really start paying attention to these feeds.

I had a tech support issue and spoke with GD.  The tech rep was very nice and helpful and asked if there was anything else he could help with.  I decided to get into a discussion about free SSL and how other hosting companies offer it.  Heck, I could have been speaking in an alien language.  He tried to tell me that GD didn't know that it was offered free anywhere.  I told him it was a complete rip off and customers would start jumping ship.  I also asked him if anyone monitors these forums, I was told yes they do.

 

Well Go Daddy, if you are monitoring these forums and with the number of upset customers over this issue, why have you not publicly addressed it?  Or are they afraid if they maintain their costly solution and outright tell us they don't care, more customers will abandon GD?

Yes, HostGator and Bluehost are unequivocally better solutions. I'd just bypass the affiliate link and head straight to the site if you don't trust the reviewer's ethics (e.g. if you think they are just putting the highest percentage affiliate payout host at the top of the list).

 Hope those help 😉

That's too bad! I have the same problem here, I hope people could read this before starting to work with Godaddy, they just care about more and more money, and not to give a good service. Really bad hosting. 

@irodxx — It's working. You have to do a little work to get it set up, but it's straightforward. Once set up, it updates itself automatically. You need SSH access. See the instructions given by @emreunal .