As a hosting provider I would like the option to disable the Automatically generated self-signed SSL certificate.
Quick Update: We have completed most of the initial work for this option, however we do not have a test case that was not solved by enabling AutoSSL. If this functionality is important to you, please open a ticket at https://tickets.cpanel.net/submit/ with information about how this request affects you. Please be sure to ask for it to be linked to CPANEL-11589.
After reading through the thread on WHT, if the system can be made to generate self-signed certificates, I suppose this could work.
I think the best solution would be to make this an option, worded something like:
For every new VirtualHost (new account, subdomain, addon domain, parked domain) create:
- A self-signed certificate
- A free AutoSSL (cPanel Comodo or Let's Encrypt)
- No certificate
In my own personal opinion AutoSSL (which probably isn't a great name for this feature) should only be done explicitly. For a DCV certificate to work, the domain name has to be pointing to the server. I just don't understand how doing that "automatically" is a good idea. You're going to have domains that never point to the server constantly trying to get a DCV certificate. But, to each their own. As long as it is an option that I can deselect, I'm fine with offering it this way.
My own personal setup, I've been doing free Let's Encrypt certificates for a long time. I wrote my own system for handling this. I prefer this system. If a client wants a free Let's Encrypt certificate, they can write in and I'll generate and install one for them. I can check to make sure that the domain name is resolving to the server correctly before attempting to generate one. That's why I like this system better. But I am a hands-on host. The helpdesk for our company is monitored by me or my staff 24 hours a day.
A self-signed certificate per VirtualHost doesn't require DCV. So that option can work. But I think this needs to be set explicitly. The question then becomes how long should the validation period be? If you set it low, say a year or less, then you'll have to have another script set to check for expiring self-signed certificate and auto regenerate them.
I get and understand that the world wants to see the web become more secure and default more to https. But I don't think they understand the logistics involved in doing this. It's just not going to be that easy. If the public had not vilified self-signed certificates so many years ago, then self-signed certificates would be applicable almost as much as Let's Encrypt and DCV certificates, without the DCV step.
I agree -- the generation of a self-signed cert needs to be an option. Like sparek-3, I too developed a script to handle the generation and installation of a Let's Encrypt certificate for my customers. A self-signed cert automatically installed will generate a confusing error for customers who try to access the site over https:// before installing a legitimate certificate.
I'm a big fan of not forcing anything new on my customers without an option to disable it -- that is, to leave their configuration exactly as they are used to it. There is absolutely no harm in giving customers the *option* to enable automatic installation of self-signed certificates. Since most of my customers wouldn't trust any certificate that generates a browser error, I do see a downside to automatically installing these certs. An option to enable/disable this feature would not be too difficult to add. Apparently, the idea of making automatic installation of self-signed certs optional is a somewhat popular idea:
This is being worked on in case CPANEL-11589 for v64. If can reduce the risk and size of of the change, we will attempt to backport the change to v62.
Can you clarify a bit as to the proposed implementation? Will it become an option such that we can disable automatic generation of self-signed certs?
I have attached an image of the tweak setting to my the original post.
Great, thanks! I'm handling the case where a user visits a non-SSL site over https: and would see another site (which ever is the "default" site on that IP) by setting up a dummy subdomain (default.[mydomain]com) and setting it as the default site on the shared IP. I have an index page on this site that lets the user know they are seeing that message because they most likely attempted to view a non-SSL site over SSL.
With that in mind, the ability to disable the AutoSSL feature that generates self-signed certs will be a great help!
Comments have been locked on this page!