Let's Encrypt is Here - Open Source Security Certificates Available at SiteGround
In December 2015 the new certificate authority Let’s Encrypt entered Public Beta and caused a wave of excitement. The groundbreaking news meant that website owners can obtain security certificates for their websites for free instead of paying for traditional SSL certificates and install them much easier. Naturally since then many of you have asked us when we would introduce the certificates on our hosting platform. For all of you who have been eagerly awaiting this moment, we are happy to say that Let’s Encrypt certificates are now available at SiteGround!
What you should know about Let’s Encrypt
Let’s Encrypt is a free, automated, and open certificate authority (CA) that issues domain-validated security certificates. The main goal of the project, which SiteGround proudly sponsors, is to make encryption ubiquitous on the web so that all web browsing becomes safer.
The key benefits of the Let’s Encrypt certificates are:
- cost-free
- easy installation
- no validation emails are sent
- no dedicated IP required (which is extra money)
- trusted by all major browsers
- auto renewable
How to use Let’s Encrypt at SiteGround
We have created an interface in the cPanel for easy install and management of your Let’s Encrypt certificates. (To learn how to use it, see our Let’s Encrypt cPanel tutorial.) You can have multiple certificates installed on your account for each domain and subdomain you want. The certificates auto renew unless you choose to cancel them through the cPanel interface. Please note that the Let’s Encrypt interface is currently deployed for shared hosting accounts. Customers with cloud accounts and dedicated servers with geeky setup can post a support ticket if they wish to get a certificate before we have completed the deployment there, which is coming up shortly.
UPDATE: Let’s Encrypt interface is already deployed on all SiteGround servers. If you need additional information about the certificates you can refer to the Let’s Encrypt section of our knowledge base.
Comments ( 106 )
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through
David Pascoe
Awesome news. Well done on implementing letsencrypt so quickly.
Dale Reardon - My Disability Matters
This is great news indeed. I have a cloud account and using several of your approx. $80 SSL certs - can these be replaced with these free certificates? Dale.
Iskra Rasheva Siteground Team
Hi Dale! Yes, generally you can get Let's Encrypt installed instead. You will need to post a support ticket until we deploy Let's Encrypt for cloud accounts and coordinate when to cancel your current ones. Please mind that the SSL certificates you have now come with a dedicated IP and a dynamic site seal, which is something you won't get with Let's Encrypt.
Nayith
That's why I keep trusting SiteGround
Kim
Hi This sound GREAT. This almost sound to good to be truth :) What is the differens between an "normal" SSL cert. and Let's Encrypt, is it more unsecure than an normal SSL cert. or where is the clue ? //Kim
Iskra Rasheva Siteground Team
Hi Kim! Let’s Encrypt is indeed revolutionizing the SSL industry as we know it. It is as secure as a normal SSL. Still there are some differences. For example, Let's Encrypt doesn't offer dynamic site seals which some visitors may find reassuring. Also at SiteGround we provide dedicated IPs with normal SSLs but not with Let's Encrypt. Lastly, EV SSLs (a type of "normal" SSLs) add extra assurance for site visitors because they also display the organization name in the address bar of your browser and company information in the certificate. EV require a thorough background check of the organization before issuance. For comparison Let's Encrypt are domain-validated only.
Kim
wowww, that is really great news, this is spot on from you guys, respect for that. Any EOD for Cloud servers, when it come so we can do it ourself ?
Iskra Rasheva Siteground Team
It's coming in the next days :)
Andy
I just set this up on one of my sites for testing and it all set up in cPanel, quickly and very easily - Excellent. I have many siteground accounts and websites siet up & a question would be that, would this now stop me from using cloudflare basic that comes within siteground cPanel? Would I now need to purchase a Cloudflare Plus account in order to use the 2 together?
Andy
Testing this further, can "Lets Encrypt" only be used on non-www domain names? Using on https://www.mysite.com it doesn't work, but using on my https://mysite.com does work.
Iskra Rasheva Siteground Team
Hey Andy. The certificate will be issued for the domain.com and www.domain.com (if both domain names resolve properly to our server). In the case when the www subdomain does not resolve, the certificate will not be issued for it.
Andy
This is fixed now, thanks. I had to disable cloudflare :( Hopefully in the future you guys can work out a way to use "Lets Encrypt" & Cloudflare for both www & non-www with the 1 click ease that ww currently have when setting up lets encrypt or cloudflare from within cPanel. All Positive stuff though - well done :)
Hristo Pandjarov Siteground Team
We're still working on this but you can post a ticket in your Help Desk and get it configured right away without having to purchase anything.
Patrick Steil
SO Awesome SiteGround! Who introduces products that cause them to gain LESS revenue? Way to go guys!
Hristo Pandjarov Siteground Team
Thanks for the kind words, we really belive in this initiative and we're glad our customers appreciate it!
Grant
Is there an ETA on the deployment to cloud accounts? I don't want to start troubling support staff if it's only a few days away.
Hristo Pandjarov Siteground Team
I can't give you an ETA. It will be soon but don't worry, you can post a ticket, it's not troubling us :)
Milan Petrovic
Great news! I have few questions: 1. Will HTTP/2 work out of the box once a domain get's Let's Encrypt SSL? 2. I have one IP and I have one website with wildcard SSL (purchased from SiteGround). Is there any downside to having other websites on my cloud account using same IP and Let's Encrypt SSL next to wildcard SSL? Should I get additional IP? 3. What is displayed by browsers for HTTPS websites using Let's Encrytpt SSL? Will there be any problem with this (like Chrome unsecure website messages)? Regards, Milan
Iskra Rasheva Siteground Team
Hi Milan! Here are the answers: 1. Yes it will because http/2 works over encrypted connections, as long as you are using a modern browser such as all of the latest versions of Chrome, Firefox, Safari. We wrote about it here 2. No downside but again as long as you are using a modern browser that supports SNI (all the above do). If not - then additional IP will be required. 3. Let's Encrypt is a trusted authority so there will be no warning messages as long as your site is configured properly. You will see the green padlock and green letters https. By clicking on the padlock you will see the certificate.
Ralph de Groot
Awesome!!! Keep up innovating, and keep up the great you all guys do at Siteground. I tested it and my SSL was working great in just a few mouse clicks!
Hristo Pandjarov Siteground Team
Glad you like our integration!
tahlyn
very awesome. can't wait to setup it up.
Chris Backe
Great to see - I've installed it on three of my Siteground sites. Where or how is it seen in the browser, though? My sites currently show www.mysitename.com, not https://www.mysitename.com...
Iskra Rasheva Siteground Team
Hey Chris. First of all, I see that you have Cloudflare enabled. See here how it works with security certificates. Second, most probably you haven't redirected your websites to open through https. Check out here or post a ticket and our support team will assist you further!
Stuart Wooster
Damn - I just paid for an SSL certificate Friday! And since then my one-click staging environment ability has been up the creek :(
Iskra Rasheva Siteground Team
Hey Stuart! Seems like our support team has been able to help you. Please follow up on the ticket if you continue to experience any issues!
Wayne van Elsen
This is great. Can we use with Add-On domains?
Hristo Pandjarov Siteground Team
Yes, you can issue Let's Encrypt certificates for your addon domains too!
David
Nice... now I can turn on strict SSL from Cloudflare and have both sides of the path encrypted. This is awesome.
1dnmr
Super! Work from one click, display information that site is encrypted! This is awesome news! Thank you guys!
Hristo Pandjarov Siteground Team
Great, we're glad it's working smoothly!
Dario
It worked like a charm...thank you!
Sandee Jackson
Hi, I posted a question that I see what deleted. I was trying to find out about deployment of the Let's Encrypt SSL certificates on Cloud Accounts. The post indicates that we can submit a ticket to have the ability to install the certs added to cloud accounts before phased deployment. I did so yesterday, and I was told that it would be making its way to cloud accounts. Is there a way for me to have them added to my cloud account? Thank you!
Hristo Pandjarov Siteground Team
The functionality will be added to all our cloud hosting account customers shortly. We don't want to cause overload on our host nodes so we have a scheduled update that runs as we speak. This said, you should very soon receive the service in your cPanel.
Sandee Jackson
My apologies! I forgot how fast you guys work -- it's already taken care of you! Your customer service / support rocks, and that's why I love recommending you to folks! My apologies again! :)
Iskra Rasheva Siteground Team
Thanks for the kind words Sandee! We do our best to make customers happy.
Kenny
Seems like no one has asked this specific question: I have bought ssl and therefore am unable to use cloudflare- unless I buy plus. Which I thought would not be a problem due to additional speed from your new ssd servers. However, when my cert comes up for renewal, I would not buy another one, but use the free setup and then I can use the cloudflare basic?
Iskra Rasheva Siteground Team
Hi Kenny, just like with the other SSLs, you again won't be able to use Let's Encrypt with the Free Cloudflare plan because it doesn't support https connections. However there are still ways to make both work together but only for some subdomains of your website. Check out how here.
Kenny
Just checked with godaddy... website builder and shared hosting can be setup by yourself if the plan allows for external certificates. However, neither of those plans allow for external certficates. Oh well... well done siteground for providing this.. even if I am a little miffed paying for something that is now free.
Lucy
Does Let's Encrypt provide an https instead of an http address?
Iskra Rasheva Siteground Team
Hi Lucy, yes! Let's Encrypt enables https.
John
Typical of Siteground - Add it to their shared hosting while the people who pay a premium for Cloud hosting still haven't got it :(
Iskra Rasheva Siteground Team
Hey John, you can have it on your Cloud account, just post a ticket. And the interface is coming soon.
Wendy
Will one-click staging work with https and let's encrypt now? I know previously there were issues with staging not being able to handle SSL.
Hristo Pandjarov Siteground Team
We're currently working on it and hopefully by the end of the next week a patch will be deployed allowing you to do so :)
Wendy
Awesome! Thanks!!!
David Pascoe
I just spied the LetsEncrypt widget in my cpanel for my cloud VPS and tried it and voila - 11 SSL sites are now active - green padlocks everywhere ! Well done @SiteGround, you guys did a great job - just one click and it is installed. Just wondered how you handled the DNS confirmation lookup as it just worked, even for a domain that doesn't have any email MX defined for it.
Hristo Pandjarov Siteground Team
We check whether the domain name actually points to your account with us and don't do MX check.
Ian Macdonald
Great facility, activated it on a couple of accounts and it worked flawlessly. Thanks for your work on this. As a spam investigator, one small point comes to mind, is there any risk of the email address associated with the certificate being publicly accessible? I did check the cert and it doesn't seem to be visible, so probably not an issue.
Hristo Pandjarov Siteground Team
Hello Ian, You shouldn't worry about that, the email you enter during the process isn't listed anywhere publicly. It's used only for the generation of the certificate.
Gio
Hi Hristo! Many thanks for that! One question about which order I need to work things through....I suppose I need to add my keyCDN details first and then add the letsencrypt? So that the certificate is installed on my cdn url?
Hristo Pandjarov Siteground Team
Hey, Since those domains are handled by your CDN servers and not ours, they need to install the certificate on their machines. I've found this article on their side that I think should solve your case: https://www.keycdn.com/support/use-letsencrypt-with-keycdn-to-enable-ssl-tls/
Gary
Awesome guys as usual! Is there a annual charge for the SSL? Also as cloudflare has to be deactivated - will the site perform slower? Thanks Gaz
Hristo Pandjarov Siteground Team
Let's Encrypt certificates are completely free and will remain free. We will not charge any anual fee for having them. As to your second question, it depends on where the connection to your site is made, from some locations you may have slower performance simply because Cloudflare may have an end point closer to the visitor. This said, if you require a CDN in your setup, you can get a paid Cloudflare account which supports certificate installtion.
Rob
Cloudflare free plans offer free ssl anyway so they should be able to use that rather then needing to install letsencrypt? https://www.cloudflare.com/plans/
Hristo Pandjarov Siteground Team
It's a personal preference, some people don't want to use Cloudflare :)
Joomlaheerenveen
Siteground thanks for implementation of Let's Encrypt. I think you are one of the first hosters who activated Let's Encrypt! Perfect! Super! Today I've secured one maindomain and 4 subdomains of this domain. We have more subdomains of this maindomain which we want to secure, but unfortunately Let's Ecrypt has a maximum of 5 certificates for one domain in 7 days we found out. This is not a Siteground restriction but a Let's Encrypt restriction. So next Sunday we will install the next 5 certificates :-)
Hristo Pandjarov Siteground Team
Glad you like it! Yes, it's a Lets' Encrypt limit, we haven't placed anything additional to restrict its usage.
Andy
I may have been misinformed in a support ticket (1591349), but I wanted to check if it is now possible to use "Lets Encrypt" & Cloudflare basic/free. I am slowly setting up "Let's Encrypt" on a few sites and its really fast & easy to set up, but am having to switch off cloudflare for these sites :(
Ali
I have this issue as well. Changing DNS away from Cloudflare to SiteGround is a security risk because the change gets logged in DNS history and therefore the origin IP is exposed even if you change the DNS back to Cloudflare again. Does SiteGround have a solution for this?
Iskra Rasheva Siteground Team
Ali, I've addressed your concern to the Support team and they have further looked into the issue and updated your ticket. The solution for now is manual installation of Let's Encrypt from our Support team. This does not require changing DNS away from Cloudflare.
Iskra Rasheva Siteground Team
You can check out here how SSL certificates (including Let's Encrypt) and Cloudflare can be used together: https://www.siteground.com/tutorials/cloud_flare_cdn/cloudflare_ssl/
Rob
Great in theory, although I just tried in 3 accounts and it failed on all domains.
Hristo Pandjarov Siteground Team
The installation process works great for thousands of customers everyday, if something fails, please post a ticket in your Help Desk and we'll handle it swiftly :)
Thomas Herold
Fantastic! I just upgraded and have my complete website now running secure. Also, a big thank you for the recent server upgrade. With switching to php7, together with a CDN network, my website is now 200% faster than before.
Hristo Pandjarov Siteground Team
Great results Thomas!
Glen
Just added a cert to a site I migrated over from another host. It really is one click! Worked perfectly first time. Amazing! Thank you :-)
Iskra Rasheva Siteground Team
It's easy isn't it. Glad you like it! :)
Kit Johnson
I just want to add to the voices that have been saying "wow, thank you." I only just discovered letsencrypt, and thought the chances of getting it on a shared server plan with multiple add-on domains would be low—too good to be true. What a pleasant surprise that Siteground has implemented it already.
Kimball
Thanks SG for another great feature! It should be said however, that this SSL will not work for a small percentage (3% - 7%) of your traffic. Most browsers on Windows XP are not currently supported. Let's Encrypt looking for a solution: https://github.com/letsencrypt/letsencrypt/issues/1660
Iskra Rasheva Siteground Team
Thanks for bringing this up Kimball! Indeed this is one of the few operating systems that has troubles with Let's Encrypt. A list of browsers and operating systems that are supported/not supported is found here: https://community.letsencrypt.org/t/which-browsers-and-operating-systems-support-lets-encrypt/4394
Alessandro Muraro
Just implemented it, worked like a charm, thanks!
Warren Hartz
I renewed my SSL in November, so should I wait until next November when it expires to switch to Let's Encrypt? Also, is there any disadvantage to not having a dedicated IP address?
Hristo Pandjarov Siteground Team
It may have a neglectable effect on your SEO but nothing serious to be honest. As to your other question, you can cancel your current SSL and enable Let's Encrypt by following these instructions.
Benjamin
Happy.. but at the same time sad.. because I have to disable my free Cloudflare account. If it could work with www without having to disable Cloudflare, that would be superb..
Iskra Rasheva Siteground Team
In order to use Cloudflare CDN with any SSL installed on your hosting server you have to upgrade to the CLoudFlare Plus plan. This is just how Cloudflare works. Alternatively with the free Cloudflare plan you can use your SSL on your non-www pages and then they won't go through CDN. You can check out more info about this here: https://www.siteground.com/tutorials/cloud_flare_cdn/cloudflare_ssl/
Deepen Dhulla
Hi would it be possible for some one to share list of few website having let's encrypt ssl implemented .. so that one can this website on some browser.. , it would help us & other understand us before one go for let's encrypt ssl for regular use. this would help one see the ssl in browser..... for example let's encrypt itself does not have their website hosted with their own ssl. nor they provider some customer/website list where its implemented.
Hristo Pandjarov Siteground Team
Well, we haven't given samples because that would mean sharing our customers pages and we need their permission for that. My personal blog is using Let's Encrypt SSL - pandjarov.com, you can use it as reference.
Fabio
My browser says you are not using it anymore, why?
Hristo Pandjarov Siteground Team
I am constantly using the poor site to test things out :( It is now using a Let's Encrypt certificate!
Marla
Hi, I have a question about the answer given above regarding add-on domains. I am thinking of moving my hosting to SiteGround because of your awesome support for Let's Encrypt (among other reasons). In a shared hosting account with multiple add-on domains such as abc.com, xyz.com, and 123.com, can I install a Let's Encrypt SSL certificate on each one? My understanding of SSL certificates was that you can only have one per cPanel, and thus one per hosting account, because all the add-on domains in an account use the same IP address. Is Let's Encrypt different? Thanks so much for your answer.
Hristo Pandjarov Siteground Team
No, there is no such limitations - you can install as many Let's Encrypt certificates as domains and subdomains you have on your account. If you have 10 addon domains, you can install 10 free certificates on each one of them for example. SNI allows us to have more than one certificate installed per IP address which means that this limitation is no longer applicable.
Marla
Thank you so much Hristo for your clear and helpful answer.
Vittorio
Hello, I have some questions: I have to setup a site with two domains, .it and .com and I have actually installed Let's Encrypt, but I do not know if I should switch to SSL or not. The site will have an online shop, so safety and trust are important prerequisites. If I have to use SSL, which one should I use? Do you suggest to use Let's Encrypt or SSL if trust, security and compatibility (I do not care about old browser with XP, XP is outdated and if anyone still use it, it is not my problem :D) are prerequisites (price is an important factor too, but I can afford to buy a SSL certificate)? Thank you!
Hristo Pandjarov Siteground Team
Hi Vittorio, In terms of security, Let's Encrypt is as safe as any other SSL certificate. Furthermore, there will be an update for XP that will add support. A "regular" SSL should give more authority to your site though. If I were you, I would use the Let's Encrypt one until someone of my customers ask or complain about the certificate. I doubt people will have something against you having a free SSL certificate.
Marco
Hi, Someone from your team told me that Let's encrypt certificates must be renewed manually each 3 months from cpanel. Is it true, are you planing to automate it and what is the ETA ? Thanks a lot in advance for your answer and thank you so much for your great services!
Iskra Rasheva Siteground Team
The Let's Encrypt certificates renew automatically every 90 days. You don't have to worry about that. I'm sorry about the miscommunication and will address it with the team.
Marco
Thanks a lot Iskra!
Marco
I've some issues in configuring let's encrypt on my wordpress wesite hosted on SiteGround. Apparently I receive an error "Your connection is not private" while connecting to https://www.domain.com No error if I use https://domain.com What can it be and how can I solve it?
Hristo Pandjarov Siteground Team
Let's Encrypt certificates are not wildcard ones. Note that www.yourdomain.com and yourdomain.com are different domains thus you need to issue a certificate to both of them. The better solution though, is to force either www.yourdomain.com or just yourdomain.com with .htaccess rule. This way you will avoid duplicate content being indexed by Google on your site. Check out this article for more info on that metter.
Jerry Hall
Touche on offering LetsEncrypt as part of your hosting package. It makes a guy want to (and in the process of) move all his sites to SiteGround! Way to go!
Tim Thomas
A couple of my sites that used geolocation, with http, stopped working recently with chrome on Android. Seems chrome no longer allows use of the geolocation api without https. Fortunately I was able to quickly and painlessly enable my siteground hosted sites to be running again by the use of letsencrypt. I was prepared for a complex installation of certs, which I know nothing about, and this was easy.
Ian Worthington
I've just tried installing a letsencrypt certificate on a Wordpress startup account and google seems to be less than impressed with it: This server could not prove that it is theemeraldemporium.co; its security certificate is from *.sgcpanel.com. This may be caused by a misconfiguration or an attacker intercepting your connection. I've discussed this over at https://community.letsencrypt.org/t/slow-and-warning-messages-on-new-install/17795 and it seems that this level of account uses shared certifiates, vis-à-vis https://www.siteground.com/kb/what_is_the_difference_between_shared_and_private_ssl/ As (at least) the Chrome browser doesn't trust these it seems a pretty useless feature as-is. Do I actually need to upgrade my account to get something that works or is there a work-around?
Iskra Rasheva Siteground Team
Hi Ian, I see that you have issued a certificate for the subdomain https://staging.theemeraldemporium.co/. So it works fine except that your site has http resources, so this leads to a mixed content warning. You should have on the site https resources only to see the green padlock. Note that you haven't issued a certificate for the domain theemeraldemporium.co. Let's Encrypt is not a wildcard certificate so you have to actually issue separate certificates for the domain and each subdomain. So try to install a certificate on your domain, too, clean the mixed content and see how it is. If you need more assistance, it's best to contact our support team through the Support center in your SiteGround User Area.
Ian Worthington
Thanks Iskra, appreciated.
Paul Chantler
Hi I have noticed that lets encrypt certiificates have been automatically installed on all my domains. The https url exists but there is no green bar and when hovering in top (?) circle on chrome it says that the site may still be unsecure. Is there some other settings I need to make to get the ssl working properly? Also can I make it only specific to some pages? Thanks!
Hristo Pandjarov Siteground Team
If yuo want to have the green bar and basically have your site working correctly through https, you need to make sure all resources it uses are loaded securely (through https). For WordPress, you can give this plugin a try - https://wordpress.org/plugins/ssl-insecure-content-fixer/. Make sure you configure it. As to your other question, you can load every page both ways. If you want, you can force the https connection on certain pages with .htaccess: RewriteEngine on RewriteCond %{HTTPS} off RewriteRule ^checkout$ https://www.example.com/checkout [L,R=301] for example, that would redirect your checkout page to https :)
js
Hello, I am having the similar issue on my joomla website. I have my site as https but there is green bar missing and it still says "not secure" on the browser. Is there any specific configuration other than mentioned in the tutorials that I should take care of. So far I have done two things. 1. I have used HTTPS using "Let's Encrypt SSL" in the CPanel. 2, In the Joomla Toolkit in CPanel, I have enabled SSL in the "Configure SSL Certificate" section. There is a small problem here, as I have enabled this feature once but when I go back to manage this section. It tells me that the "Current SSL state for this application is:" as Disabled. I am not sure why it's not retaining the Enabled state. Could you please respond at your earliest convenience. Thanks!
Hristo Pandjarov Siteground Team
If you're forcing the SSL usage from the Let's Encrypt tool, it will dynamically rewrite all sources and you should see the green padlock. However, there are some edge cases that don't get covered by the automated tools and need some manual check. I'd recommend that you post a ticket in your Help Desk. Our support team will look into it and help you out with that.
Brandon Holcombe
@ Siteground Team I have clients on Bluehost with GoDaddy domains pointing to Bluehost hosting. I want them to move to SiteGround but have a question. Do we have to do anything on the GoDaddy side to have Let's Encrypt work on SiteGround with said domains?
Hristo Pandjarov Siteground Team
No, you just need to change the NS records to point to your SiteGround accounts. Once the propagation is over, you will be able to install Let's Encrypt :)
Rafia Irfan
I activated lets encrypt SSL on a site some months ago. I will now pay for the renewal of its hosting. Will I have to pay any additional amount for lets encrypt SSL? I am using GrowBig plan
Marina Yordanova Siteground Team
Hello Rafia, Let's Encrypt is renewed for free.
Bruce Jones
Hats off to SiteGround! I just added SSL to my personal website. The CPanel add-on made it a snap! Thanks so much.
Oscar C
Hello, I have the lets encrypt certificate active, The address bar says NOT SECURE, your connection to the site is not fully secure. How can I fix this?
Marina Yordanova Siteground Team
There might be mixed content on your website. If you are a SiteGround customer, please contact our Support team, so that they could check for you.
Start discussion
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through