Results 1 to 17 of 17
  1. #1
    Join Date
    Nov 2014
    Location
    New York
    Posts
    74

    cPanel, Inc. Certificate Authority vs. Let's Encrypt

    Hi,

    I recently moved to a new shared host and noticed that my site is now being automatically secured by a certificate from "cPanel, Inc. Certificate Authority". I used to purchase an SSL certificate as a separate add-on from my previous host. I can see that I also have the option to use Let's Encrypt. Which one should I use? It's a *tiny* personal site.

    Best,
    Vic

  2. #2
    Join Date
    Aug 2019
    Posts
    11
    cPanel, Inc certificate is good, its root authority is Comodo. You will be fine!

  3. #3
    Join Date
    Aug 2005
    Posts
    3,587
    Just go with cPanel's built-in Auto SSL feature. It's super easy and reliable. And as @geekhoster stated above, the actual certificate itself is a Comodo certificate, which is good. Check the SSL Status app in your cPanel to see if all your domains and sub domains are provided with the cPanel SSL.

  4. #4
    Join Date
    Mar 2014
    Location
    su -
    Posts
    6,284
    Both certificates are domain validated certificates. You should be good with either one.
    █||||[ MechanicWeb.com - Shared Hosting | Reseller Hosting | KVM VPS | Dedicated Server ]
    █||||[ NVMe SSD | cPanel | DirectAdmin | LiteSpeed | CloudLinux | MailChannels | Since 2008 ]

  5. #5
    Join Date
    Nov 2014
    Location
    New York
    Posts
    74
    Thanks, all. Much appreciated.

  6. #6
    Join Date
    Sep 2018
    Location
    Freiburg
    Posts
    60
    You can stay with cPanel, Inc. Certificate Authority with no worries.
    I personally recommend this instead of Let's Encrypt.
    Sorry for the late reply.
    hostfactor.eu ¦¦ European based hosting company since 2016
    Web and VPS hosting - Top notch performance on clustered servers
    █ Clusters in Romania - Germany - USA - Moldova - Netherlands - France - UK
    Get in touch: contact@hostfactor.eu

  7. #7
    cPanel Auto SSL will be enough if you don't sell anything on your site. Otherwise, you can buy a commercial ssl for $5/yr.
    domainCart - PHP / AJAX Domain and Hosting Order Script | WHMCS Alternative
    Supports 700+ domain extensions, 27+ payment gateways, multi-currency with auto exchange..
    www.domaincart.net | Demo (all in one - without template)

  8. #8
    Join Date
    Mar 2012
    Posts
    479
    cPanel Auto SSL is fine. It has 90 days validity with auto renewal.
    ImpressHost Premium Web Hosting| USA and UK Location
    Shared Hosting | Reseller Hosting | cPanel/WHM | LiteSpeed Server | RAID 10
    30 Day Money Back Guarantee - 99.9% Uptime Guarantee - Daily Backups

  9. #9
    Join Date
    Jun 2019
    Location
    Australia
    Posts
    51
    you should go with the cPanel one since its Comodo. I'd go with cPanel over Lets Encrypt if I had the option.

  10. #10
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    19,196
    Quote Originally Posted by ServersGalore View Post
    you should go with the cPanel one since its Comodo. I'd go with cPanel over Lets Encrypt if I had the option.
    For what reason?
    Michael Denney - MDDHosting.com - Proudly hosting more than 37,700 websites since 2007.
    Ultra-Fast Cloud Shared and Pay-By-Use Reseller Hosting Powered by LiteSpeed!
    cPanel • Free SSL • 100% Uptime SLA • 24/7 Support
    Class-leading support that responds in minutes, not days.

  11. #11
    Join Date
    Mar 2009
    Location
    Here Today - Gone to Maui
    Posts
    9,966
    Quote Originally Posted by nycvictor View Post
    Hi,

    I recently moved to a new shared host and noticed that my site is now being automatically secured by a certificate from "cPanel, Inc. Certificate Authority". I used to purchase an SSL certificate as a separate add-on from my previous host. I can see that I also have the option to use Let's Encrypt. Which one should I use? It's a *tiny* personal site.

    Best,
    Vic
    Like other members have said, you'll be fine with either. Kills me that some providers are still charging for SSL certificates.
    ProlimeHost - Dedicated Server Hosting & KVM SSD VPS
    Three Datacenter Locations: Los Angeles, Denver & Singapore
    SuperMicro Hardware | Multiple Bandwidth Providers | 24/7 On-site Engineers

  12. #12
    Join Date
    Feb 2006
    Location
    Buffalo, NY
    Posts
    1,501
    Quote Originally Posted by ServersGalore View Post
    you should go with the cPanel one since its Comodo. I'd go with cPanel over Lets Encrypt if I had the option.
    This is a hot take. As @MikeDVB MDDHosting (longest username ever) said -- why?

    Comodo (now Sectigo) has been in the industry for a long time and are respected. They've also had their own snafoos.

    https://duckduckgo.com/?q=comodo+hack
    https://www.itnews.com.au/news/comod...l-names-411662

    Or one of my favorite issues which is quite recent which many providers here will reel at:

    https://nakedsecurity.sophos.com/202...b-certificate/

    Let's Encrypt -- as a non-profit -- is looking to make the web more secure as a whole. Check their metrics (https://letsencrypt.org/2020/02/27/o...ion-certs.html)!

    Their certificates are exactly the same as Comodo's / Sectigo's -- or any other CA's. The difference is instead of doing it for profit they created a model that can allow anyone to secure their website for free. Then every mainstream browser added their CA root -- why? It's because their model is sound -- or at least as sound as for profit CA's like Comodo / Sectigo.

    So reiterating the initial point -- why would you prefer a CA that is for profit over Let's Encrypt?

    Quote Originally Posted by SenseiSteve View Post
    Like other members have said, you'll be fine with either. Kills me that some providers are still charging for SSL certificates.
    Preach. We still offer paid SSL because people request it not trusting Let's Encrypt because it's free. You can argue EV certificates have value however. We don't and won't push it nor will any of our sales staff. It's a conundrum.


    Disclaimer: We sponsor Let's Encrypt
    Cody R.
    Hawk Host Inc. Proudly Serving websites since 2004.
    Official Let's Encrypt Sponsor

  13. #13
    Join Date
    Mar 2003
    Location
    /root
    Posts
    23,991
    Quote Originally Posted by CodyRo View Post
    So reiterating the initial point -- why would you prefer a CA that is for profit over Let's Encrypt?
    While both works fine, our default one is always Let's Encrypt.

    Go figure

    Specially 4 U
    Reseller Hosting: Boost Your Websites | Fully Managed KVM VPS: 3.20 - 5.00 Ghz, Pure Dedicated Power
    JoneSolutions.Com is on the net 24/7 providing stable and reliable web hosting solutions, server management and services since 2001
    Debian|Ubuntu|cPanel|DirectAdmin|Enhance|Webuzo|Acronis|Estela|BitNinja|Nginx

  14. #14
    Use cPanel, we have mainly use that.

  15. #15
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    19,196
    Quote Originally Posted by CodyRo View Post
    This is a hot take. As @MikeDVB MDDHosting (longest username ever)
    Let's see if I get infracted for talking about it. I reached out to the administration of WHT about this and they have totally ignored it and not responded to any of my questions. Normally I wouldn't even mention this publicly - but being that the moderators and/or administration team see fit to ignore my questions on the matter - I may as well.

    I don't think posting about this violates any rules - but let's see if one is twisted to infract me and modify and/or remove this post.

    My username was like this: http://www.screen-shot.net/2020-07-26_06-25-15.png

    I got an infraction for this:
    This is a reminder about your post(s) or other actions at Web Hosting Talk.

    This is the reason for this message: Custom Title Advert (Advertising in your custom title.)

    The moderator who issued this reminder has this message for you:
    =======================================
    URLs or other forms of advertising (phone numbers, plans, contact details, etc.) are not allowed in custom user titles or names, which are limited to 25 characters. Also, you may not use custom titles or usernames to impersonate, or attempt to impersonate, WHT Staff, user groups, or any entity you are not associated with.

    We have removed MDDHosting LLC
    =======================================
    Basically the way I had it - it was tasteful and to the point - and only showed under my name on my posts. The way it is now - it shows in a great many more places - anywhere my username is displayed. Apparently this was a violation of the rules [read: it's not really - but the rule is being unfairly applied IMHO].

    All of that said - the way I have it now - is apparently totally OK. Same information displayed in the exact same location. As a matter of fact the way it is now results in the company name showing in far more places.

    I reached out to WHT Administration and they've not responded at all whatsoever.

    TL;DR:
    According to the rules this is ok:
    http://www.screen-shot.net/2020-07-26_06-25-23.png
    And this is not:
    http://www.screen-shot.net/2020-07-26_06-25-15.png

    Apparently one is "advertising" and the other is not. /shrug

    Quote Originally Posted by CodyRo View Post
    Preach. We still offer paid SSL because people request it not trusting Let's Encrypt because it's free. You can argue EV certificates have value however. We don't and won't push it nor will any of our sales staff. It's a conundrum.
    We do as well - mostly because without it we have people upset that they can't get a paid certificate. Some people assume that if something is free that it has to be garbage.
    Michael Denney - MDDHosting.com - Proudly hosting more than 37,700 websites since 2007.
    Ultra-Fast Cloud Shared and Pay-By-Use Reseller Hosting Powered by LiteSpeed!
    cPanel • Free SSL • 100% Uptime SLA • 24/7 Support
    Class-leading support that responds in minutes, not days.

  16. #16
    I think it would be better if all usernames were replaced with Full Name of the user and underneath it have the Business Name. Easier to work out who is who and who you're dealing with etc.

    As for the topic itself, I prefer cPanel SSL but also use the 3rd party Let's Encyrpt plugin for times when cPanel SSL doesn't play nice (very rare).
    HostXNow - Shared Web Hosting | Semi Dedicated Hosting | Enterprise Reseller Hosting | VPS Hosting

  17. #17
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    19,196
    Quote Originally Posted by chris2009 View Post
    I think it would be better if all usernames were replaced with Full Name of the user and underneath it have the Business Name. Easier to work out who is who and who you're dealing with etc.
    I agree with showing the company name below - but I think users should still be able to use a nickname or handle of their choosing.

    Quote Originally Posted by chris2009 View Post
    As for the topic itself, I prefer cPanel SSL but also use the 3rd party Let's Encyrpt plugin for times when cPanel SSL doesn't play nice (very rare).
    I've seen a lot of situations where the cPanel SSL wouldn't issue for one reason or another - but Let's Encrypt worked perfectly. I never really spent the time to look into it though.
    Michael Denney - MDDHosting.com - Proudly hosting more than 37,700 websites since 2007.
    Ultra-Fast Cloud Shared and Pay-By-Use Reseller Hosting Powered by LiteSpeed!
    cPanel • Free SSL • 100% Uptime SLA • 24/7 Support
    Class-leading support that responds in minutes, not days.

Similar Threads

  1. [FEATURED] Bug in the Let's Encrypt certificate authority code
    By jackpx in forum Hosting Security and Technology
    Replies: 3
    Last Post: 03-08-2020, 08:58 PM
  2. RapidSSL vs Let's Encrypt for WHMCS billing
    By Hostproto in forum Running a Web Hosting Business
    Replies: 18
    Last Post: 11-10-2017, 01:08 PM
  3. cPanel Varnish Plugin with Seamless Let's Encrypt and Native SSL
    By UNIXy in forum Software & Scripts Offers
    Replies: 6
    Last Post: 08-22-2017, 01:29 AM
  4. Replies: 0
    Last Post: 12-28-2016, 04:42 PM
  5. Replies: 0
    Last Post: 02-10-2016, 03:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •