InMotion Hosting Support Center

Would you be open to adding "Let’s Encrypt" cPanel extension?

Category: Ssl

alex.rothschild1@gmail.com
Asked:
2016-09-01 3:17 pm EST

Hits: 1,921
It would allow for adding free SSL certificates to sites.

I know that you guys offer a paid SSL product. But the trend is definitely towards the free SSL offerings from Google (one of the companies behind Let's Encrypt). This would definitely be a huge selling point for your hosting offering.

Step by step installation: https://premium.wpmudev.org/blog/free-ssl-https-cpanel/

Don't need a quick answer. I hope you guys can give it thought, do some research, etc. Would love to see it happen.

Cheers!

You must login before you can ask a follow up question.

You must login before you can submit an answer.

So for the record, even if using a free ssl provider, inMotion charges $49 to have it installed.
alex.rothschild1@gmail.com
11 Points
2016-09-03 12:16 pm EST
Please confirm my understanding: Even though Let'sEncrypt integration is not available directly, there's no reason why it can't be added the same way any other 3rd-party SSL such as startssl could be added, right?
themed21
0 Points
2016-12-18 02:01 pm EST
Further to this request, please see this article published today on the WordFence blog: https://www.wordfence.com/blog/2017/01/chrome-56-ssl-https-wordpress/
It notes that "Starting with the release of Chrome 56 this month, any website that is not running HTTPS will have a message appear in the location bar that says “Not Secure” on pages that collect passwords or credit cards."

Eventually those pages will show a more alarming red warning sign in the address bar.

Getting universal SSL available is getting more and more urgent. I have too many WP sites for community organizations, non-profit blogs, or very small businesses, and purchasing SSL would be another burdensome cost for them.
holmpage
0 Points
2017-01-17 04:21 pm EST

OTHER ANSWERS

1

John-Paul
Staff
31,633 Points
2016-09-01 3:57 pm EST
Hello alex.rothschild1,

Thank you for your question regarding let's encrypt. You can already install Let's encrypt on our VPS, and Dedicated servers.

At this time there are no immediate plans to add this to our Shared/Business server environments. But, keep in mind there are many free ssl providers (such as startssl) available if you wanted to install a 3rd party SSL on a Shared server. This is beneficial too since they provide a year long SSL (365 days) as opposed to the 90 day SSL's provided by Let's Encrypt.

Also, be aware of some of the security mistakes made by the let's encrypt team earlier this year. Read the whole article here: Let’s Encrypt accidentally shares user email addresses.

Thank you,
John-Paul

You must login before you can post a comment about this answer.

Thank you, John-Paul. Lots of good info!
alex.rothschild1@gmail.com
11 Points
2016-09-03 10:16 am EST
the free company startssl do NOT offer a useable certificate for free as they REQUIRE payment for validating your suitability
workinghardest1
6 Points
2016-09-17 11:20 am EST
StartSSL's free certificates provide the same security as the free Let's encrypt certificates. Of course, if you want extended validation you must pay for that. That has nothing to do with the ability of the certificate's ability to work. It is also a service that Let's Encrypt does not even plan to provide to its users.
scott
43,761 Points
Staff
2016-09-19 9:59 am EST
This is stated at https://startssl.com/Certificates :

Notice:
1. Mozilla and Google decided to distrust all StartCom root certificates as of 21st of October, this situation will have an impact in the upcoming release of Firefox and Chrome in January. Apple's decision announced on Nov 30th of distrusting all StartCom root certificates as of 1st of December will have an impact in their upcoming security update.
2. Any subscribers that paid the validation fee after Oct. 21st can get full refund by request.
3. StartCom will provide an interim solution soon and will replace all the issued certificates with issuance date on or after Oct 21st in case of requested. Meanwhile StartCom is updating all systems and will generate new root CAs as requested by Mozilla to regain the trust in these browsers.

So it doesn't seem to be a great solution right now. Any other suggestions?
NataliPro
3 Points
2016-12-12 6:27 pm EST
StartCom is taking action to restore the trust as in your post. But for the near future at least, we are not adding the Let's Encrypt plugin to our cPanel.
scott
43,761 Points
Staff
2016-12-12 6:57 pm EST
I'm interested in this conversation because I think every website should be secured and the only way this will happen is if there are free solutions available. Let's Encrypt looks like a very good move in this direction. I see the Electronic Frontier Foundation offers it's own version through CertBot but it's still basically a Let's Encrypt installation. The two mistakes Let's Encrypt has made mentioned in the article you link to were promptly discovered and dealt with and with (apparently) complete transparency. StartSSL, which you recommend, is apparently no longer trusted due to some very suspicious and very not transparent activity.
So, is InMotion willing to take a second look at Let's Encrypt for those of us on shared (reseller) hosting or can you recommend any other free alternatives? And yes - I realize there are still the installation charges.
Robbie Link - Site5 refugee and new to InMotion but liking it so far.
robbielink
35 Points
2016-12-13 9:55 am EST
I am moving my websites to another hosting service because the Let's Encrypt plugin is not available.
hellmandotnet
3 Points
2017-02-08 7:16 pm EST
0

scott
Staff
43,761 Points
2016-09-06 7:16 am EST
No, our charge to install an SSL is one time $25 charge. Any yearly updates are installed for free. Plus, cPanel also has a tool where you can install an SSL onto your account. There is no charge for that.

You must login before you can post a comment about this answer.

1

josephdowdy
2017-01-09 1:00 pm EST
I really love all that you do at InMotion Hosting but I really am disappointed that you would defend the idea that you will not be adding the Let's Encrypt cPanel extension. I don't care what reasons there are for and against but it does bother me that you are so great at customer service that you would draw the line here and tell the customers that you're not going to listen on this one.

You must login before you can post a comment about this answer.

They make too much money from them. That simple.
audas
25 Points
2017-01-23 8:53 pm EST
Like this Question?

Forum Login

You are NOT logged in. You can still browse our Support Center.

To participate within our Community Support Forum:

Need more Help?

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!