cPanel® Blog

cPanel’s Official Let’s Encrypt™ Plugin

In cPanel & WHM version 58, we introduced a new feature called AutoSSL. I posted about AutoSSL before, but in case you haven’t heard of it yet, here’s more information. AutoSSL allows you to enable a feature in your cPanel & WHM account package which triggers the automatic request and installation of Domain Validated Comodo-signed SSLs for your customers, free of charge. Security is incredibly important to us, and this is a feature we’ve been working on for a very long time.

AutoSSL and Let’s Encrypt

Let’s Encrypt™ is a new-comer to the certificate authority world, and it has gained popularity very quickly. They, too, offer free Domain Validated SSL certificates, which fits perfectly with AutoSSL. While adding support for Let’s Encrypt wasn’t on our roadmap until earlier this year, it quickly became the highest-voted request on our Feature Request site. That kind of unprecedented community support made us very excited, and our development teams worked hard to find time for it.

The first hurdle we encountered when researching incorporating Let’s Encrypt’s support to cPanel & WHM was that our development and release cycle is completely out of sync with theirs. To accommodate that while maintaining our standards, we decided to do something we have not done in a while: develop our own plugin to provide support for a third-party application.

The BETA version of that plugin was tested by a fantastic group of beta-testers, on production servers running cPanel & WHM versions 56 and 58. I’m happy to now be able to say that the plugin is available to everyone running cPanel & WHM version 58.0.17 and above. In version 58 the installation is limited to command-line access. Once you are SSH’ed into the server as root, you can just run this command:

/scripts/install_lets_encrypt_autossl_provider

Once installed, Let’s Encrypt will appear in WHM’s Manage AutoSSL interface (Home >> SSL/TLS >> Manage AutoSSL), where you can enable the provider.

Screenshot of the Manage AutoSSL Interface in WHM

Please note that there are several domain limits and rate limits associated with the Let’s Encrypt service. For a summary of these limits, read our AutoSSL documentation at http://go.cpanel.net/autossl

Upgrade now to get AutoSSL

AutoSSL reduces the barrier to securing your customer’s sites to zero and makes it a breeze to manage, but AutoSSL is only available on version 58 and above. Since cPanel & WHM version 56 is the last version to support CentOS5 & 32-bit operating systems, this feature won’t be available for CentOS5. If you want AutoSSL, it’s time to migrate to a new operating system! The good news is that the Transfer Tool now makes it easier than ever to migrate all of your system configurations and cPanel accounts. If you haven’t already, definitely take a look!

After upgrading, setting up AutoSSL is easy.

  • In WHM, navigate to the AutoSSL interface, and click to toggle “cPanel.”
  • Then click Save. The server will automatically do the following:
    • Add a feature to WHM >> Packages >> Feature Manager named “AutoSSL”
    • Add a cronjob ( /etc/cron.d/cpanel_autossl ) to handle the downloading and installation of new SSL certificates for all of your hosted domains.
  • Please Note: There are some limitations when dealing with vast numbers of domains that are outside cPanel’s control, which you can read about in our documentation.

Feature requests

AutoSSL is stable and ready for use, and it also already has a feature request on the cPanel & WHM Feature Request site. I’m so excited to see what other requests come in for this brand new feature. If you have more ideas, let us know! You can reach us through any of our social channels for discussion, and you can contact us through our Slack or Discord channels, our cPanel forums, and our official cPanel subreddit. Be sure to subscribe to the cPanel Essentials Briefing List to receive emails about important updates, and check out the Up Next hub for further details!

benny Vasquez

scripter, crafter, cPanel's Manager of Community Engagement. Facilitating communication between cPanel's amazing development team, and cPanel's amazing community. Find me on twitter: @cpaneldev