How to turn on https support with Let's Encrypt certificate?
1. Login into Webhosting administration
2. Go to Websites list a and click on domain name on the right side of page
3. Website settings page will open.
Choouse SSL and Let's Encrypt SSL checkboxes and click on "Save" Certificate creation take few minutes, it will be ready when right number which is showing number changes in execution disappear.
WARNING: When SSL checkbox in already checked and yo have SSL certificate, you have to delete is first as is shown in point 7.
WARNING 2: Let's Encrypt authority does not provide wildcard certificates. Auto-Subodomain has to be set on "www" or "None"
If you need wildcard certificate, you still can use your on. (Use only SSL checbox, without Let's Encrypt and go to menu SSL)
4. Testing
- after FTP login, you have to see three files with certificates in SSL deirectory
- when you put address of your pages with https:// into browser, pages have to opnt. In ideal case you will see green lock or green adress line. If page is workign over https, but you see some errors, read what are those about. Most common error in linking non-secured http content inside https pages.
See certificate details. It has to be issued by Let's Encrypt authority and validated for 3 months. Certificate is automatically renwed after 3 months.
5. Automatic content redirect to https://
Besides .htaccess file, redirect can be set directly in webhosting adminsitration. Go to "Redirect" menu and check "Rewrite HTTP to HTTPS"
6. You can also set a non-www redirect to a www address
In the same menu as above, set the SEO redirect "domain.tld => www.domain.tld"
7. Deleting an existing certificate (optional)
If you already have an SSL certificate issued by another authority and you want to upgrade to a new Let's Encrypt certificate, you need to delete the existing certificate.
First, back up the existing certificate from the /ssl direcotyr using FTP . Then go to the SSL menu, set "SSL action" to "Delete certificate" and then click "Save". Then you can create the certificate according to point 3.
If you already have an existing certificate in place, we recommend that you do this together with our tech supoport. This eliminates the possibility of interrupting site traffic if you set something wrong.