cPanel & WHM Version 82 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!
 

AutoSSL cPanel interface for end user control

Mike shared this idea 2 years ago
Open Discussion

It would be good if AutoSSL had a cPanel interface for end user control. The following functions would be helpful:


  • Running AutoSSL immediately (shouldn't have to wait for AutoSSL to run after pointing domain etc)
  • Enabling/disabling AutoSSL
  • Viewing AutoSSL logs, allowing users to determine why verification is failing
  • I doubt cPanel will ever do this (UI could be confusing), but separating domains into different certificates, to prevent visitors from finding out what other domains/websites a user has under the same account through the SSL certificate


The two in bold are most important and pretty simple.

Best Answer
photo

While not specifically addressing any of these issues, I do want to mention that in 66 we've added one feature to the cPanel management of SSLs that allows end-users to exclude domains from being issued SSLs through AutoSSL:


https://documentation.cpanel.net/display/66Docs/66+Release+Notes#id-66ReleaseNotes-Domain-specificAutoSSLexclusion

Comments (8)

photo
1

In regards to separating certificates (rather than having one certificate per account), a couple of simplified solutions (rather than full user control over the behaviour) could be:


  • Group the same domains on one certificate (e.g. mywebsite.com and mywebsite.net would be on one certificate while anotherwebsite.co.uk and anotherwebsite.org are on a separate certificate).
  • Group certificates per addon domain, meaning the primary domain and each addon domain has its own certificate including any parked domains pointing at the particular domain.


I'm sure there are technical issues I've not thought of but I'm also imagining AutoSSL is only an initial version which is open to improvements in future, so I'm airing these ideas here in response to end user feedback.

photo
1

Even just a interface within cPanel that allows you to issue SSL certificates to domains that have already expired SSL certificates would be great. For example, I have a domain that was using manually generated Let's Encrypt SSL certificates, I can't issue a new certificate from cPanel so I need to still visit zerossl.com for my free Let's Encrypt SSL certificate.

photo
2

This. Having zero control over AutoSSL in cPanel is bad.

Users should be able to enable/disable this AutoSSL per domain basis and have a way to see logs for Domain Validation process.

Enabling this on server with 1000 accounts creates a ton of work for support.

photo
1

Also, since many customers don't know much about redirections or how to use their .htaccess file, it would be useful to have an "Enable HTTP to HTTPS redirection" button which creates the redirection for them. This will help customers move completely over to HTTPS.

photo
1

Interface for end user control it is maybe the once idea to solve the issues...


We have many accouts per website as the big part of provider and we cannot take time to enable autossl everytime a user ask for SSL so we enabled autossl for all user (we explained how stop https with htaccess), but is not nice idea cause we had many people dont have idea what is htaccess and/or how change it and when see in the ggosle serp https and http it is a total panic... It is also nice idea to run in real time when ed user enable it-


You should develope the AutoSSL cPanel interface for end user control as for Greylisting.... We also enable Greylist for all user but if sameone dont want he can stop in a click....

photo
1

Yes! We need this feature.


In general we like to turn off AutoSSL certificates because 80% users wont use.


Who like to use SSL certificates then each user can turn on this feature from cPanel.


Thank you!

photo
1

Hello,


I've noticed there has been some movement on this in v66. However, I would like to know if the cPanel "SSL/TLS Status" page still requires "cPanel Store" enabled in WHM's "Market Provider Manager"?


Thanks!

photo
2

Nope, the additions to the cPanel interface do not require that the market providers be enabled. The SSL/TLS Status page is now visible without the Market Provider, but the button to get a certificate is not displayed.

photo
2

While not specifically addressing any of these issues, I do want to mention that in 66 we've added one feature to the cPanel management of SSLs that allows end-users to exclude domains from being issued SSLs through AutoSSL:


https://documentation.cpanel.net/display/66Docs/66+Release+Notes#id-66ReleaseNotes-Domain-specificAutoSSLexclusion