This post will show you how to install a free Let’s Encrypt SSL certificate on your website.
Every domain is required to have its own certificate. This means you’ll have to add an SSL certificate for both example.com and blog.example.com individually.
Before adding the certificate
Make sure your domain is Fully Hosted or configured to redirect before adding the certificate, and that your domain’s DNS is already pointing to GreggHost. This means that your Nameservers should point to GreggHost, or your A records (www and non-www records) should point to the IP address of your domain (assuming your Nameservers are at a different company).
What are the nameservers for GreggHost?
Customizing DNS records
Because ‘Let’s Encrypt’ adds a.well known/ directory to your site to authenticate the certificate, this is the case. If your site’s DNS does not resolve to a GreggHost Fully Hosted domain, the certificate will be unable to generate this folder and your panel will display the following:
Check your DNS settings in the sections below.
Checking where your nameservers are pointed
To see where your nameservers are pointed, go to this link:
What are the locations of my nameservers?
You do not need to make any changes if they are already pointed to GreggHost.
If they aren’t already referred to GreggHost, you’ll need to point them or edit the two A records for your domain.
A website owner can use CAA records to indicate which Certificate Authorities (CAs) are allowed to issue SSL certificates for their domain.
If you want to add CAA records to your domain before acquiring an SSL certificate, read the following article.
CAA policy documents
Updating your domain’s A records
If your nameservers are not pointing to GreggHost and you do not want to change them, you can edit your domain’s two A records, as mentioned above.
You’ll need to update both the www and non-www A records. Consider the following scenario:
You’ll still need to create the www record if you’re pointing a subdomain like blog.example.com. Consider the following scenario:
Your nameservers must be modified at the firm where they are directed. For instructions on how to discover the correct IP address to point them to, see the following article:
What GreggHost DNS records should I use for my website?
.htaccess rules such as IP blocking, rewrite rules, and password protection may also cause the installation to fail. To be safe, change your.htaccess file (to something like.htaccess OFF) to temporarily disable it. The certificate should then be installed. You can rename the file back to.htaccess once it’s been installed.
If removing your.htaccess causes problems with your site, add the following rule to allow the installation to proceed:
– [L] $
Adding the certificate
Go to the Secure Certificates section of the website. A list of your domains appears on the screen.
To add an SSL certificate to a domain, click the Add button to the right of the domain.
On the next screen, select this certificate by clicking the Select this Certificate button.
A success message appears, confirming the certificate purchase.
Test if the SSL certificate is working
Your domain’s certificate has now been deployed. Visit your website’s secure URL at:
Install Comodo Cert 08.png
The browser bar displays a lock icon, indicating that the connection is secure.
You may need to wait a few hours for the certificate to update online if you just installed it.
Forcing your site to load HTTPS by default
Visitors will not be able to utilize your SSL certificate until they manually type https before your domain name, even after you have added it to your site. Because the certificate is supposed to safeguard all of your website traffic, this defeats the point of adding it in the first place.
There are various options for resolving this issue. Instructions on how to construct a configuration file to redirect all visitor traffic to the secure version of your URL may be found in the following article (https).
How to force a redirect to https on your website (SSL)
Only the same domain can be redirected to the HTTPS version of your URL. You can only redirect from http://example.com to https://example.com in this case.
A redirect to a different domain is not possible. With a ‘Let’s Encrypt’ certificate, for example, http://example1.com to https://example2.com would not work.
When you visit the HTTPS version of your URL after installing your certificate, your browser may still display an insecure warning. This could happen for a variety of reasons. Instructions on how to fix this problem can be found in the following article.
Resolving alerts about insecure sites and mixed material