Cart Control panel
Article overview

Help article

(Old webhosting) Let's Encrypt for Webhosting

WebsiteBasicLet's EncryptSSLWeb hostingWeeblyWordpress

The importance of using SSL Certificates for websites grows each day. For instance, Google Chrome will already mark websites without an SSL Certificate as 'unsafe'. Furthermore, websites that use an SSL Certificate will end up higher in the search results of most search engines.

With Let's Encrypt, we offer you a free SSL Certificate with your Web Hosting package product. An SSL Certificate ensures a secured connection between your website and its visitors. This means that data that is transmitted from and to your website will be encrypted.

The Let's Encrypt Certificates are only usable on the New Webhosting products and are issued as Wildcard SSL Certificates Validation. Using this type of Certificate will show a 'padlock' icon inside the address bar of your browser.

Due to restrictions from Let's Encrypt there is a maximum length for the domain name when using Let's Encrypt SSL on your Web Hosting. Therefore it is important that the domain name including the point and the extension is at most 42 characters long, otherwise it's not possible to use SSL from Let's Encrypt.

How do I enable Let's Encrypt?

When ordering a New Webhosting product, Let's Encrypt will be automatically enabled for you. You can check this by logging on to your control panel and navigating to the 'Domains & Hosting' tab. Next, select your domain name on the left hand side (don't check the box).

Scroll down to see an overview similar to the one in the image below.

overview of lets encrypt certificates

Perhaps Let's Encrypt is not yet active for your domain name. This happens for instance when your domain name doesn't (yet) use the correct DNS settings for your Web Hosting.

  • To use Let's Encrypt for Web Hosting, we recommend using both the TransIP nameservers as well as the DNS settings for your Web Hosting. In order for Let's Encrypt to become and stay active, a DNS record needs to be added to the domains DNS settings. This DNS record validates the certificate and has to be updated periodically.
     
    • By using the TransIP nameservers, we automatically add and update this DNS record for your domain name. Read the article 'Entering DNS and nameservers via the control panel' to learn what the TransIP nameservers are and how to add them for your domain name.
       
    • By using the DNS settings of your Web Hosting, your domain name will point to the website located on your Web Hosting. Read the article 'The DNS settings of my Web Hosting' to learn what the DNS settings of your Web Hosting are and how to add them for your domain name.
       
  • It's also possible to use Let's Encrypt when using other nameservers than the TransIP nameservers. Keep in mind that you will need to add and update the DNS record for validating the SSL certificate yourself.

    Furthermore, you will also need to add the DNS settings of your Web Hosting to those other nameservers, so your domain name will point to the website on your Web Hosting. Details on this process can be found in 'Conditions for using Let's Encrypt'.


Step 1

Follow the next steps to enable Let's Encrypt on your Web Hosting.

Log on to your control panel, click on the tab 'Domains & Hosting at the top and select your domain name on the left (don't check the box).


Step 2

Scroll down to 'SSL security for your website' and click on 'Add'.

scroll to ssl security for your website and click add


Step 3

Click the slider next to 'Status' to activate Let's Encrypt and click 'Save'.

activate lets encrypt

Let's Encrypt will now be installed on the website on your Web Hosting. This process may take up to 30 minutes.

Once the installation is complete, you will see an overview of your Let's Encrypt SSL certificates in 'Domains & Hosting'.

overview of lets encrypt certificates

Let's Encrypt and the TransIP nameservers

The Let's Encrypt SSL certificates for Web Hosting are installed on your Web Hosting package. This is why your domain name and possible subdomains need to point to your Web Hosting in order to actively use the Let's Encrypt SSL certificates.

Domain names at TransIP use the TransIP settings by default. These settings make sure that domain names automatically point to linked Web Hosting services.

If you deactivated the TransIP settings or use your own default DNS settings, the TransIP settings will not be active. Instead you will need to make sure your domain name uses the correct DNS settings to point to your Web Hosting.

Read the article 'The DNS settings of my Web Hosting' to learn about the TransIP settings, the correct DNS records for Web Hosting and how to add these DNS records for your domain name.

Let's Encrypt and external nameservers

The Let's Encrypt SSL certificates for Web Hosting are installed on your Web Hosting package. When you are using external nameservers (such as your own nameservers or those from another company) it's important that your domain name and possible subdomains point to your Web Hosting in order to actively use the Let's Encrypt SSL certificate.

To do so, make sure these nameservers include the DNS settings of your Web Hosting before activating Let's Encrypt. These settings can not be set via your TransIP control panel but will have to be added via the company whose nameservers you are using.

Once you've activated Let's Encrypt, we will send you an email containing an additional CNAME record you need to add to the DNS settings of your nameservers. This CNAME record is important to validate the SSL certificate. Make sure to add this CNAME record within 20 hours after activating Let's Encrypt.

Also keep in mind that you have to leave this CNAME record in the DNS settings and do not delete the record. This DNS record is important for the automatic renewal of your Let's Encrypt certificate which happens every 3 months. Because we have no access to your external nameservers it's your own responsibility to add the DNS record to the DNS settings of your nameservers ánd that it is not deleted.

When using the TransIP nameservers, we will automatically add and update this DNS record for you.

Are you using the Cloudflare nameservers and setting up the CNAME-record for your Let's Encrypt certificate?

 

In that case make sure to watch the 'Proxy status' of the CNAME-record in your DNS settings at Cloudflare. If this status is set to "Proxied" your record can not be reached and the verification will fail. Therefore it's important to make sure the status of your CNAME-record at Cloudflare is set to 'DNS Only'.

Can I disable Let's Encrypt?

If you no longer wish to use Let's Encrypt, you can disable it by going back to the Let's Encrypt overview in your control panel.

In here, set the slider to 'Off' and click 'Save' to disable Let's Encrypt on your Web Hosting.

Does Let's Encrypt work for subdomains?

Yes they do. Once you've activated Let's Encrypt, every subdomain you've created on your Web Hosting will be secured by Let's Encrypt as well.

Keep in mind that you will have to add DNS records for these subdomains as well. Specifically, point the subdomain to the IP address of your Web Hosting using an A record. Read the article 'Setting an A record' to learn how to add an A record for a subdomain.

Does my Let's Encrypt SSL certificate expire?

Let's Encrypt SSL certificates for Web Hosting remain active as long as the required DNS record for validating the certificate is up to date.

When you use the TransIP nameservers, we will automatically add and update this DNS record for you. No action from you is required that way. Make sure your domain also uses the DNS settings of your Web Hosting.

When you use different nameservers than the TransIP nameservers, we will have no way of adding or updating this DNS record. In that case you will need to manually add and update the DNS record yourself. Learn more about this process in 'Conditions for using Let's Encrypt'.

Let's Encrypt isn't active yet

In that case you should check if your domain name uses the DNS settings of your Web Hosting. Afterwards, disable and enable Let's Encrypt and save the changes.

Using different nameservers than the TransIP nameservers and Let's Encrypt isn't active yet? Make sure the nameservers contain the required DNS record for validating the SSL Certificate. This DNS record needs to be added to your nameservers with 20 hours after activating Let's Encrypt. If the DNS record wasn't added in time, a new DNS record will be sent via email the next day.

In both cases Let's Encrypt will be automatically activated on your Web Hosting. If this isn't the case after 30 minutes, please contact our support team. They will be able to assist you with activating Let's Encrypt for your specific case.


In this article we've explained how to activate Let's Encrypt on your Web Hosting.

If you have any questions regarding this article, please contact our support team. You can reach them using the 'Contact us' button below or via the 'Contact' button inside your control panel.

If you wish to discuss this article with other users, feel free to leave a comment below.

Has this article been helpful?

Create an account or log in to leave a rating.

Share this article

Comments

Create an account or log in to be able to leave a comment.

VPS

Web Hosting

Need help?

About TransIP

Cookies

TransIP uses cookies so you can automatically log in to our website and the contents of your shopping cart will be remembered. We use Google's cookies to analyze activities on our website and to improve our product pages. This way we also see how you use our website and which services you find interesting. After you give permission, we place cookies from Microsoft, Tradedoubler, Facebook, Twitter, LinkedIn and Google for social media and advertising purposes. If desired, you can change your preferences under 'Manage Cookie Settings'.

Read more about our cookies in our cookie policy or take a look at our privacy policy to see how carefully we handle your personal data.