Free Let’s Encrypt Wildcard SSL
Starting today, all SiteGround customers can get a free Let’s Encrypt Wildcard SSL. This will make the setup and maintenance of websites with subdomains much easier, as they can now be encrypted with a single certificate.
All it takes is a few clicks in our updated Let’s Encrypt interface in the cPanel. Ever since we heard that Let’s Encrypt plans to launch free Wildcard SSL, we’ve been eagerly waiting for this and we are proud to be among the first hosting companies to successfully integrate the new SSL into their platform. We strongly believe that global adoption of SSL certificates makes the Internet a more secure place.
Let’s Encrypt and SiteGround
Today’s launch is a logical step in our ongoing effort to encourage all SiteGround customers to use the secure HTTPS protocol. This process started in 2016 with SiteGround being among the first hosts backing up the Let’s Encrypt initiative. Then we provided an interface, where our customers could issue the standard single domain Let’s Encrypt SSL.
In 2017 we went even further and started to automatically install this certificate on every domain hosted with us. Today, we are happy to offer the new Wildcard Let’s Encrypt certificate too. The Wildcard option was added to our interface just 2 weeks after it was officially launched by Let’s Encrypt.
Should you use SSL? Definitely yes!
Why use SSL? Basically, because it makes browsing more secure. However, this reason has been around since SSLs existed, and yet sites with HTTPS across all pages weren’t very common till recently. Today things are different because even if you don’t care that much about your own website security, Google does. HTTP sites will lose rankings, compared to HTTPS ones. In July Chrome will start displaying a warning that non-HTTPS sites aren’t secure, which will quickly scare away visitors. These are some of the reasons why we started to install the standard Let’s Encrypt SSL and encourage its use in the first place.
What is Wildcard SSL and how to get it?
The Wildcard SSL is different from the standard SSL because it secures the traffic not only for your primary domain name but for all of its subdomains as well (e.g. sub.domain.com). This is particularly useful for websites with different sections divided by subdomains (like online stores, websites with message boards, chats, etc.). With a standard SSL, you need to install a separate domain certificate for each subdomain, and with Wildcard you can secure them with a single certificate. This makes setting up and maintaining a website with multiple subdomains much easier.
Note that the standard Let’s Encrypt certificate is perfectly fine if you do not use subdomains. SiteGround will continue to automatically install this type of certificate for every new domain name. However, every SiteGround customer can upgrade existing Let’s Encrypt standard certificates or install new Wildcard ones in the Let’s Encrypt Tool, located in your cPanel. All Let’s Encrypt Wildcard certificates and installations remain absolutely free.
Let’s Encrypt vs Premium SSLs
Even though we now offer Let’s Encrypt Wildcard SSL for free, we will continue to provide Premium EV and Wildcard SSL certificates through GlobalSign for the customers who need them. While Let’s Encrypt is an excellent alternative for informational and personal websites, bigger organizations and e-commerce websites may want to take into consideration the Premium SSLs, which come with dynamic seals, extended validation options, and underwritten warranty of between $10 000 and $1 500 000.
Comments ( 45 )
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through
Fernando Saling
Hello, Monika! SiteGround, its support and Let's Encrypt is excellent!
BazarBit
Great article
Scott Munson
But here it says it's $90 a year? https://www.siteground.com/ssl_certificates.htm
Hristo Pandjarov Siteground Team
Please, check the page carefully. That's a different certificate. Let's Encrypt is free and available for all customers.
Bill
How can I seamlessly transfer from my current paid Premium Wildcard to the new free Let's Encrypt option?
Hristo Pandjarov Siteground Team
Basically, you cancel your current subscription and issue a new certificate. You can contact our support via the Help Desk to get additional assistance on that matter.
RAJKUMAR V
Let's Encrypt is free and available for all customers. only for three month free
Hristo Pandjarov Siteground Team
Let's Encrypt certificates are free for renewal too. We renew them automatically so the fact that they are being issued only for three months is not a problem at all.
Brian Mitchell
Thanks for the info on Wildcard vs. Standard SSL's. I am incredibly grateful for Siteground's leadership and early adoption in the Let's Encrypt initiative. Are there any plans for auto-renewal on Let's Encrypt for Siteground Dedicated Servers? cPanel has been offering AutoSSL as an extension for WHM for about two years. However I am not able to get it on my Siteground Dedicated Server with GoGeek features. It is a real hassle having to manually request renewal on all my SSL's every 3 months. Any info on adding this feature is greatly appreciated.
Hristo Pandjarov Siteground Team
That's on our road map and I hope it will be available for our Dedicated server users soon!
Hristo Pandjarov Siteground Team
Hey, we started adding the tool for new servers and patching old ones. Do you mind mailing me at Hristo.p [at] sitegrond.com with the main domain of your dedicated server because I couldn't find one using the blog comment info.
Debbie
Thanks for the article! As a non-profit, we are very appreciative for your service and support. I just installed the Let's Encrypt Wildcard SSL (whiterocklake.org) and got a message that it's in the install queue. How long does it take before the certificate is effective? Thanks!
Hristo Pandjarov Siteground Team
It should take just few minutes!
Bob
I have several "addon" domains. Right now I have separate Let's Encrypt installed on each addon. Should I switch to wildcard on my main domain or just keep things as they are? If I add wildcard to my main domain will it automatically replace current individual Let's Encrypt certificates? Are addon domains treated like subdomains? Thanks! Bob
Hristo Pandjarov Siteground Team
No, wildcard SSL will cover a single domain plus all of its subdomains - *.domain.com while for separate (addon) domains, you need separate certificates. Each one of them can be wildcard too in case you use subdomains.
Garrett Murphy
Do the Lets Encrypy SSL certs automatically renew? I see that they run for 3 months currently.
Hristo Pandjarov Siteground Team
Yes, we update certificates automatically.
Davy Roberts
Question about this. A have several domains pointing to one main domain/account with TYPO3. Per domain I can choose a different siteroot, so that works. Let's say domain aaaa.com, bbb.nl, cccc.eu, subdomain.dddd.info... they all point to different startpages.. and I wan't to be able to use for some domains certain subdomains like blog.aaa.com, stash.bbb.nl, and perhaps media.cccc.eu... How do I enable this SSL and which do I chose. How do I do that and how much would it cost me? The current structure works now without SSL without any problem (other domains cost let's say around 12 euro's per domain and another domain comes from a friended site which points to the current domain (with a 'parked domain' ) and this also works fine. What are the costs? How do I enable this without losing the current functionality?
Hristo Pandjarov Siteground Team
You can issue a free, wildcart certificate for each domain. Then you can get a GrowBig or higher account which supports addon slots which will cover your needs. For current pricing, check out the Web Hosting page on our site.
Sean
FYI Wildcard certs from Let's Encrypt do not always work with subdomains, I am on Support chat right now being told my site won't load at the URL because of the Wildcard Cert and to install a regular SSL cert instead as the only recommended solution. Before you pull your hair out wondering why the site won't load, try installing the regular SSL cert instead, as these are still buggy at the time of this writing.
Angelina Micheva
Hi Sean, Thank you for bringing this to our attention. It is correct that using WildCard Let's Encrypt SSL saves you time maintaining the SSL certificates for a website with multiple subdomains. The functionality works on our servers and we have made it available to our customers to make site management even easier for them. We will double-check what has prevented the WildCard certificate from working correctly when you installed it initially. Our agent via chat offered you as a solution to install the standard SSL as he aimed to quickly resolve the problem and make sure your website is working as intended.
vishal bhagwani
should we have to buy domain to get a free ssl certificate from siteground
Hristo Pandjarov Siteground Team
No, you can use your existing domain and simply point it to our servers.
Richard Quigley
Can a sub domain and wildcard SSL be applied to a local server or non siteground hosted server or do they all have to be siteground hosted?
Hristo Pandjarov Siteground Team
You can't install a LE certificate on your local server. As to other hosting accounts, yes you can but you need to contact them.
Vance VanDoren
In a previous post you said that you "update certificates automatically". Does that include renewing and re-installing as well? And if so, does your automatic update also cover subdomains when using a WildCard Let's Encrypt SSL? In other words, will I have to do anything every 90 days or will my domain and subdomain essentially be secured forever without my help?
Hristo Pandjarov Siteground Team
We autorenew certificates so all you need to do is select the proper type of LE certificate for your domain and it will be renewed until you decide to cancel it :)
Vance VanDoren
OK, but that doesn't quite answer my question. Other hosting services can auto-renew my SSL certs, but they require that I re-install my certs every time they renew. Are you saying I won't need to renew OR re-install my SSL certs? If so, can you automatically renew and reinstall all of my subdomain certs as well? And will auto-renew/auto-re-install work on my addon domains as well as my primary domain?
Reneta Tsankova Siteground Team
Hello Vance, if you had your Let's Encrypt SSL certificate issued and installed through our system/control panel, then you should not have to do anything upon expiration of the certificates, regardless whether you use the Standard or Wildcard one (the Wildcard covers the subdomains). Our system knows when these SSLs expire and upon expiration, checks if the hosting account is active and if it is still active, renews them automatically without causing any change in settings. The certificates for both the primary domain and for the addons get processed the same way. You don't have to re-install, re-configure or change anything upon renewal. Manual configurations may be needed only if the renewal of the certificates fails for some reason.
Derek
I'm confused. This Siteground video: https://www.youtube.com/watch?time_continue=223&v=uM2FyX7RCs8&feature=emb_logo (which shows the outdated cpanel process) instructs users to enable the "external links overwrite" option. Yet with the new Siteground layout and https / ssl conversion tools, this external links overwrite option isn't available. I ended up going the route of using the SG Optimizer plugin to enable https (as recommended in another Siteground article, yet I still see no option for the external links overwrite there either. So my question is, how do we know if that is enabled? Thanks in advance for any input.
Hristo Pandjarov Siteground Team
Using the SG Optimizer plugin is the best way to configure your WordPress site. The overwrite is designed to be app-agnostic and cover the cases where you can't configure your application properly. External links are not overwritten, just external resources. If you're getting a green paddlock on your site then everything is ok. If you have insecure items loaded, there's another option in the SG Optimizer - Fix Insecure Content that you can enable and it will rewrite the links needed :)
Karol
Some of this is great. Like the difference in the free and paid SSL. However, there is nothing here to lead you to a "How to". And all the other how to's I find don't look anything like the inside of my cpanels Let's Encrypt. (sigh). I'm still lost. Over to tech support chat I go.
Hristo Pandjarov Siteground Team
You can check out our Let's Encrypt tutorial: https://www.siteground.com/tutorials/cpanel/lets-encrypt/
Sodiq
Having read through the SSL article and the comment section, i really commend your effort in clarifying customers' issues. I am planning to host three websites on your VPS. Do i get free SSL certificates for each website?. Will the free SSL be sufficient to run an eCommerce or I'll need to upgrade to the wildcard SSL
Hristo Pandjarov Siteground Team
Both the standard and the wildcard certificates are free. Which one you should install depends on your needs - if you plan on using subdomains, go for wildcard, if not - use the normal one. You can always upgrade. You can install as many certificates as domains you have assigned to your account, there is no limitation :)
Travis Evans
Are the 90 day wildcard certificates still free? I'm not seeing that option anymore.
Marina Yordanova Siteground Team
Hello Travis, yes, the Free Let's Encrypt SSL is still available. Please log in to your Client Area and go to the Websites Tab - https://my.siteground.com/websites/list/ In the "Available Extras" section you will see the option to add free SSL to your site.
Dave
If I build a site on the StartUp package and I want both domain.com and domain.co.uk to point to the same site, do I get two standard SSL certs, both free? Thanks
Hristo Pandjarov Siteground Team
Yes, both will be free :)
Richard Getz
Hi, Just want to clarify. Is this for every website on the hosted account, or just the main domain? Thanks
Hristo Pandjarov Siteground Team
You can get a free certificate for every domain name associated with your account.
Michael Tan
Why not get rid of the regular Let's Encrypt SSL and just go with Wildcard Let's Encrypt SSL since the latter is a superset? I find it confusing to have both options displayed to me under SSL Manager, especially since I can install BOTH SSLs
Hristo Pandjarov Siteground Team
Different sites and accounts have different requirements. For example, the wildcard SSL can be issued and renewed only through DNS verification while the regular one goes through HTTP verification. Some people don't have subdomains and want to assure there is no certificates on them. It's just flexibility :)
Dom
Hi. I have +/- 20 sites on my SG account, all with a wildcard SSL, all with HTTPS enforced in SG Site Tools and also via SG Speed Optmizer plugin. However, when I receive an email from SG about my sites - such as from wordpress@autoupdate.siteground.com - about 50% of my sites are listed as http://... - which is not correct. I would like to understand please (a) why SG is listing those as http instead of https, and (b) where the setting is to adjust the address to show https instead of http into SG systems?
Ivan Naidenov Siteground Team
Hello Dom and thank you for the question. It appears that the SSLs are functioning properly but the WP installations need to be imported again so the HTTPS is recognized by the system tasked with delivering the WordPress Update emails. Our technicians would need to take a closer look to address that. Reach out from the Help Center, always happy to help: https://stgrnd.co/contactus/
Start discussion
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through