A browser-trusted SSL(Secure Sockets Layer) certificate is crucial for a successful website.
SSL certificates not only offer protection to visitors, but search engines like Google also put more emphasis on sites secured with SSL(https://).
GreenGeeks automatically manages the SSL certificates for your domains, so adding SSL certificates is easy!
DNS Requirements: Domain Control Validation(DCV)
GreenGeeks automatically issues Lets Encrypt SSL certificates for all domains using DNS-based Domain Control Validation(DCV), which involves verifying that the requester of the SSL certificate has control over the domain.
DCV uses DNS or HTTP verification and works for domains pointed to the GreenGeeks Anycast Nameservers or those using 3rd party nameservers with A records, including Cloudflare.
Adding a new SSL Certificate
Whenever a new domain is added, the backend server will attempt to complete DCV for that domain to issue an SSL certificate. This process usually takes no more than 5-10 minutes.
Run AutoSSL Check
The first DCV check happens automatically a few minutes after a domain is added, but it’s also possible to run an AutoSSL DCV check on-demand at any time.
GreenGeeks Dashboard
- Click the Manage button next to your hosting account.
- From the Hosting Management view, open the Security drop-down menu and select the SSL Manager.
- On the SSL Manager page, click “Run AutoSSL Check” to run an AutoSSL check for all domains on that hosting account.
cPanel
- Login to cPanel.
- Click the cPanel icon in your GreenGeeks Dashboard.
- Within cPanel, Scroll down to the “Security” section.
- Click on the “SSL/TLS Status” icon.
- Click the “Run AutoSSL” button.
- AutoSSL will begin requesting, verifying, and installing the SSL certificate. You can monitor the progress on the same page.
- Once the AutoSSL process is complete, you will receive a confirmation message indicating whether the SSL certificate installation was successful.
Post Installation
After installation, you should verify that the SSL certificate is working correctly; try to access your website via HTTPS (e.g., https://www.yourdomain.com) and check for the padlock icon in the browser’s address bar.
For WordPress-based websites, GreenGeeks recommends updating the URLs directly within the MySQL DB to include HTTPS to avoid the additional performance overhead of using a plugin to do this, like Really Simple SSL.
DNS Not Pointed / Installation Fails
If GreenGeeks cannot complete DCV checks for a domain, such as when the DNS isn’t pointing to GreenGeeks, we won’t be able to issue the SSL certificate.
If you manage your DNS, check out this article about DNS updates that may be necessary to use Let’s Encrypt.
GreenGeeks will continue to re-try the DCV daily until we can issue the SSL certificate or the domains excluded from AutoSSL.
Exclude Domain from AutoSSL Coverage
You can exclude a specific (sub)domain from the AutoSSL DCV check by disabling AutoSSL coverage on that (sub)domain.
To exclude a domain, use the toggle within the SSL Manager in your GreenGeeks Dashboard, or access the SSL/TLS Status icon directly in cPanel.
GreenGeeks will not manage the SSL for excluded domains. If you wish to use SSL on an AutoSSL-excluded domain, the certificate will need to be installed manually.
What happens when the Let’s Encrypt certificate expires? Does GreenGeeks auto-renew it, and if so, how soon before the expiration date will that happen? (Mine expires in two days and LE recommends renewing it 30 days before expiration.)
Very clear. Thank you.
Hello guys,
Thank you for the information.
One question: If I installed Let’s Encrypt certificate with you, I need to do it every 90 days? Each time the certificate is expiring? I mean there is no automated renewal?
Thanks!
Hello guys,
If I already installed Let’s Encrypt SSL to my WordPress site, do I need the Really Simple SSL plugin?
If I do, do I need to connect them in any way?
Thank you for this post!
Helpful, but the current interface for this process is a little different than what’s currently there.
Also I’d appreciate more clarity (or a separate article entirely) on adding SSL to a WHM client account vs. to your primary account.
I wish all instructions were this easy to follow! Thanks for the great step-by-step explanation!
The cPanel has changed. I cannot follow this guide. Is there an updated version?
This is not cpanel, this is greengeeks whmcms interface, where you login @ greengeeks
There are 3 good questions at the end of this article that are not answered.
1. What happens when the Let’s Encrypt certificate expires? Does GreenGeeks auto-renew it, and if so, how soon before the expiration date will that happen?
2. If I already installed Let’s Encrypt SSL to my WordPress site, do I need the Really Simple SSL plugin?
If I do, do I need to connect them in any way?
3. If I installed Let’s Encrypt certificate with you, I need to do it every 90 days? Each time the certificate is expiring? I mean there is no automated renewal?
Amanda,
Let’s Encrypt certs renew automatically. How far in advance I’m not sure, but I can find out. The recommendation someone mentioned earlier for renewing a 90-day cert (like Let’s Encrypt) 30 days before expiration is unnecessary. There’s no technical benefit to doing that.
Installing an SSL cert on your account doesn’t change anything as far as your website files are concerned, so you still want to use an SSL plugin for WordPress. You can make the necessary changes without a plugin, but there are a lot of boxes to check and a plugin makes it much easier.
Do I need to keep renewing the SSL certificate or does it renew automatically
Michael,
Let’s Encrypt certs renew automatically.
Would you be able to do an article on how we can update subdomain SSL certificates? I find myself having to go on to the online chat regularly to do it, and it would great to be able to do it myself.