“The days of paying for SSL Security Certificates are coming to an end. From today we’ll be rolling out free Domain Validated Comodo SSL Certificates across our shared web hosting platforms in the UK and USA. Domain Validated SSLs from this point on will be free for all clients. The only reason you should pay for an SSL product is if you need additional support in implementing the SSL or if you need a specialist SSL such as an EV SSL or a Wildcard SSL. It’s exciting times in the hosting industry and we’re pleased to be playing even a small part to make the internet a more secure and encrypted place.”
Stephen Kinkaid – Big Wet Fish Hosting
Over the next 5 days cPanel version 58 will start rolling out across our shared and reseller hosting platforms. cPanel AutoSSL is a new feature that will auto provision and install a FREE Comodo Domain Validated SSL Security Certificate for every domain that is hosted on and points to the server. It’s an exciting development and it’s to be welcomed.
We’ll be shorting activating AutoSSL on all our Shared and Reseller servers and the certificates will soon start rolling out and being installed on all domains.
AutoSSL is the solution to one of the biggest pain points that exists for every cPanel & WHM user: SSL installation and renewal. With AutoSSL there are no more forms to fill out, and no more certificates to manually copy into place. Once you enable AutoSSL your websites are automatically secured with a Domain Validated SSL certificate. Perhaps more exciting is the fact that your coverage will never lapse, because at expiration time a new SSL is requested and automatically installed.
What support will Big Wet Fish provide with Free SSL Certificates vs Paid SSLs
We sell SSL certificates starting at £22 for 12 months. We are continuing to sell these certificates as they come with full support. Sometimes clients may need help in setting up their website to work with an SSL Certificate. When you buy an SSL from us we will do all we can to help you troubleshoot problems such as why there is no padlock or how to set your website to automatically load https:// when someone visits the page. Where you use the free AutoSSL certificate our support will be limited to confirming that the certificate is installed correctly for you. We are enabling the AutoSSL feature on the understanding that we will not provide any support for them aside from confirming they are installed. If you are going to need help troubleshooting why there is no padlock or enabling all pages to be https:// by default etc we will ask you to purchase our SSL product so we can provide that support to you. Our sales team will be happy to advise on cost.
I have a free SSL, I get no padlock! Any advice?
Yes! Have a look at https://www.whynopadlock.com and you may be able to troubleshoot the issue yourself. If you still need help all you need to do is reach out to our sales team, purchase an SSL from us and we will fully support it.
I have paid for an SSL recently what happens to that now and at renewal time?
Unfortunately cPanel only announced this product on 28 July 2016 and it is only being rolled out with version 58 that was released this week so we were not able to alert clients any earlier to this feature. If you purchased an SSL it will run until its expiration date at which point you can choose to renew it or you can opt for the free certificate provided by cPanel. If you prefer the free certificate just open a ticket for our accounts team once your renewal generates and we will cancel it for you.
What about Let’s Encrypt free SSLs?
cPanel are working hard to officially support Let’s Encrypt free SSLs during the version 58 cycle (in the next 3 months). They currently have this in beta and once it is released we will of course off that right away to give all our clients a choice of either installing the free Comodo certificate or the free Let’s Encrypt certificate. We currently have Let’s Encrypt running as a beta on some of our shared servers using a third party script and many clients have been using it for months.
I’m a VPS Client, I sell SSLs to my clients, can disable AutoSSL
Of course! The AutoSSL feature will be disabled by default. This means you need to log into WHM as the root user and enable it before it will start installed the SSLs on your client’s domain names. We’ll be emailing all VPS Clients within the next 72 hours to alert them to this blog post and telling them that enabling AutoSSL is completely optional. We will not turn on this feature for any VPS client without their express permission as we fully understand that selling SSLs is a revenue stream for many clients. If you currently rely on the sale of SSLs as a reseller or VPS client you should start planning NOW for the loss of some of that revenue as free SSLs will very quickly become the norm across the industry.
I’m a Reseller, I do not want my clients to have AutoSSL
We will be enabling this on all servers including reseller servers. If you prefer not to have AutoSSL enabled on your reseller account we believe we can disable it on a case by case basis by using the feature manager. Pop a ticket in and our team will gladly look into that for you. We expect most resellers to want this feature for the added security it brings.
Where can I find more information on AutoSSL
Check the cPanel Blog here where Benny Vasquez, cPanel’s Community Manager gives the low down about this great new feature. https://blog.cpanel.com/autossl/ is where you need to go to and if you want to chat to Benny she’s super active on Twitter @cpaneldev