Overview
Conetix uses Let’s Encrypt by default to secure your website with an SSL certificate. Let’s Encrypt is a free, automated system which automatically renews every 90 days.
This renewal process needs to validate the domain, of which there are two methods:
| Validation | Method | Usage |
|---|---|---|
| Domain Validation | Verifies by a file request to your website (automated by Plesk) | Single SSL entry, eg <yourdomain.com> |
| DNS Validation | Verifies by a TXT record in your DNS (automated by Plesk) | Wildcards, eg <*.yourdomain.com> |
If you have your DNS externally hosted (eg, AWS), the DNS validation will fail unless you manually replicate the validation record every 3 months. This is of course very prone to error and forgetting, so Conetix does not recommend this method.
Where Conetix hosts the website only, we highly recommend ensuring that you limit the SSL’s to domain validation, where the automated file placement can ensure the SSL can be automatically re-generated.
If your DNS is external and you must have a wildcard, the only option is a paid certificate.
If you’re using a proxy system which also includes DNS (eg, Cloudflare), then you will need to generate and manage the certificates within this proxy system.