Renewing SSL Certificates With Namecheap

Current guide using acme.sh

The most recent practical guide for installing SSL certificates on Namecheap hosting using acme.sh is located here.

Activating and renewing the certificate

• Log in at namecheap.com
• Account > Dashboard > DOMAIN_NAME (will have SSL listed in the "Expiration" column) > Manage button
• Products tab > positivessl table item listed as "NEWRENEWAL" for the domain/subdomain in question > Activate button
• PositiveSSL Certificate
  • (1) CSR
    • Enter CSR: Paste the CSR generated in cPanel.
    • Primary Domain: Will be prefilled after a valid CSR is entered in the CSR field and focus leaves that field.
    • Server Type: Apache, Nginx, cPanel or other
    • Hashing Algorithm: SHA-2
    • Submit button
  • The following page displays the information that was read from the CSR. Confirm by clicking the Next button.
  • (2) Validation
    • DCV Method: Email
    • Approver Email Select an email address associated with the certificate that can be used to complete the validation.
    • Click Next button.
  • (3) Contacts
    • Company Contacts
      • Company Name
      • Address
      • City
      • State
      • Zip/Postal Code
      • Country
      • Other fields are optional.
    • Administrative Contacts
      • Email Address
    • Click Next button
  • (4) Confirm
    • Review the displayed domain and email address and click the Confirm button.
• An email is sent to the chosen email. A link is provided in the email to complete the process.
• Open the email, copy the provided code, and click on the link provided in the email.
• SSL Certificate Validation
  • Paste the validation code in the form field.
  • Click Next button.
• The certificate is then emailed to the chosen email address. At this point the new certificate is activated, but is not yet installed on the server.

Installing the SSL certificate

• Log in to cPanel.
• Security > SSL/TLS
• Install and Manage SSL for your site (HTTPS) > Manage SSL Sites
• Under Manage Installed SSL Websites > [ssl_domain] > Actions > Update Certificate
• Install an SSL Website
  • Paste the certificate that was emailed by the Issuing Authority in the Certificate (CRT) field.
    (The expiration date displayed under the CRT field should update accordingly.)
  • Click the Autofill by Certificate button above or next to the CRT field.
    • The Domain and Private Key field values will be filled in.
    • The Certificate (CRT) field may also be automatically filled in if it has already been applied. If not, see next bullet below.
    • If everything is ok, green checkmarks will be displayed next to all the fields.
    • Click Install Certificate
  • Copy the certificate code sent from the certificate authority into the Certificate (CRT) field.
    • The code is sent via email from the certificate authority. This is the last email sent in the SSL certificate activation process.
    • At the last renewal, the entity sending the code was "Comodo Security Services".
  • If all goes well, a SSL Certificate Successfully Updated modal dialog is displayed.
    • Click the OK button.
    • The page is refreshed.
    • The domain should be listed under Manage Installed SSL Websites without any errors or warnings.^[1]
• Immediately after submitting the certificate, navigating to the secure URL in a browser should not generate any errors.

Confirming a new/renewed certificate

Note that if the old cert has not yet expired, and is still installed on the server, testing the URL using https in a browser will not be a reliable indicator that the certificate is installed and active.

• Return to Namecheap Dashboard > Domain List > certificate domain
• The new certificate should be listed with an expiration date and a Manage button.
• Load the domain in question in a browser using https protocol.

Notes