HTTPS at webhosting

  Administration, Settings, Web Hosting

This article contains information about support for HTTPS at webhosting, offered options, and the setting methods. General information and introduction to HTTPS search in article Basics of HTTPS (HTTP over SSL).

We offer following variants of HTTPS for webhosting:

  1. with shared certificate (activation is no longer available)
  2. with own certificate
    1. on the own IP address
    2. on the domain SNI
  3. with Let’s Encrypt certificate

By default, the HTTPS is disabled. When you access such Web site through HTTPS there is always error 404.

As examples, we will use webhosting domain, which has an internal URL address

1. Shared certificate

Activation is no longer available. Once the certificate is deactivated or another HTTPS option is selected, the shared certificate can no longer be reactivated.

This variant is free, anyone can activate it. For our security is used our certificate certification authority WEDOS CA, which is not globally trusted.

It follows that, after access via the HTTPS to the internal domain ( even on your domain, browsers will report a security issue, because they do not know our CA. There are two possible solutions:

  1. Ignore this error and approve an exception for this site in the browser
  2. Install in your PC to our CA certificate, more in article Certification Authority WEDOS

NOTICE! A shared certificate is not intended to have public access to your secured site. It is designed primarily to safely access to administration of your site. If you want to allow access to the secured page for your visitors, you should use your own certificate.

The final effect:

  • – not secured
  • – not secured
  • – encrypted, but untrusted (warning in browser)
  • – encrypted and trusted (if you install our CA certificate)

2. Own certificate

It is possible to set up your own certificate and private key at webhosting. You must take care of yourself of the issue of the certificate, in this way there is no consultation or mediation from us, you need to deliver the final certificate and private key to us.

For Certificate, specify the domain name that you will use in the URL address of your site. If the name does not match exactly, it will be encrypted, but not trusted (browser warning).

  • certificate for – will only work for, but not for
  • certificate for – will only work for, but not for or any other subdomain
  • certificate for * (“wildcard” certificate) – will work for and any other subdomain ( atd.), but not for

The final effect (in the case of certificate

  • – not secured
  • – not secured
  • – encrypted and trusted
  • – encrypted, but untrusted (warning in browser)

Own certificate for a unique IP Address

To activate a certificate for a unique IP Address your webhosting must have a unique IP Address assigned. You can assign a unique IP Address to web hostings founded before November 2017. We recommend using your own certificates with shared IP Addresses for web hostings founded after this date.

Own IP address is charged at 3.95 EUR/month without VAT.

Own certificate on the domain SNI

To set up your own certificate on the SNI domain, it is necessary for the web hosting to have the additional service “HTTPS support on the SNI domain” active.

By activating this additional service does not automatically make secure the site using HTTPS. This additional service only allows you to set up your own certificate or Let’s Encrypt certificate on the webhosting, without the need for the webhosting to be assigned their own IP address.

3. Let’s encrypt certificate

Another way to set up HTTPS on a webhosting is to set up a Lets Encrypt certificate. Let’s Encrypt is a certification authority that allows you to generate a certificate for HTTPS security for free. The generation of Lets Encrypt certificates is completely automated on the webhosting and after the generation, you do not have to worry about anything else. In order to be able to set up HTTPS for webhosting using the Let’s Encrypt certificate, it is necessary to have the additional service “HTTPS support on the SNI domain” activated. Detailed instructions on how to set up a Let’s Encrypt certificate can be found here.

Activating and setting HTTPS

If you need HTTPS with your own certificate, contact us by using contact form with a request to add your own public IP address to webhosting, only then you will be able to activate this option and specify the HTTPS certificate and private key. Applications for own IP address are handled within 1 business day, this service is charged according to the current price list.

ATTENTION! Own public IP address can not payed separately for other periods than webhosting, service is paid from the date of activation to the end of the current subscription period of webhosting, then apply the next year along with webhosting.

To set up HTTPS at your webhosting, follow the following instructions.

  1. Log in to your account in customer center
  2. Click on tab Webhosting
  3. Open the detail of webhosting where you want to set up HTTPS
  4. In the left menu use link HTTPS
  5. Choose the option of HTTPS, if you have your own certificate insert private key and certificate, if necessary also have intermediate certificate (or multiple certificates) certification authority, all in PEM format (details below).
  6. Use button Apply changes, changes will take effect in 30 minutes.

When you use HTTPS with own certificate:

  • You must have your own public IP address, so contact us via the contact form. Get your own IPv4 and IPv6.
  • Do not forget to change A records in DNS settings for your domain, use the public IP address. Otherwise, HTTPS will not work.
  • Certificates and private keys are entered in PEM format.
  • The private key can be also specified with a password protect or without a password, if necessary enter the password.
  • If it is necessary, also insert intermediate certificate (or more certificates), if it used by your certificate authority – consult it with CA.

Online CSR Generаtor

To generate a private key and CSR request you can use online CSR Generаtor 

HTTPS and aliases

Setting up HTTPS and used certificate is valid for the entire webhosting, therefore, for the main domain and any aliases. It is not possible to assign a different certificate or disable HTTPS for aliases.

If you wish to have HTTPS only for one domain on webhosting and not for aliases, then you have to separate the aliases to another webhosting, which remains without HTTPS.

If you want HTTPS also for an alias, then there are 2 options

  1. Use a certificate that will be issued for multiple domain names at the same time (if it offers you selected CA).
  2. Move the alias to a separate webhosting.

Additional service “HTTPS support on the SNI domain”

By activating this additional service does not automatically make secure the site using HTTPS. This additional service only allows you to set up your own certificate or Let’s Encrypt certificate on the webhosting, without the need for the webhosting to be assigned their own IP address. This additional service is charged at 0.4 EUR without VAT per month.

Byl pro Vás tento návod užitečný?