Changing from Comodo to Let's Encrypt


#1

What do I need to do to change from my existing Comodo issued certificate to one issued by Let’s Encrypt? The Knowledge Base isn’t very clear what I need to do.

Do I just change the option in the Panel from “Use a professional signed certificate” to “Use a free certificate from Let’s Encrypt”. If so will my users experience any certificate errors while the change is happening?

My current Comodo issue certificate expires in about a month so I’ve got a bit of time to get this figured out.


#2

There will be a bit of time while a self-signed certificate will be on your site before Let’s Encrypt gets verified. I’m not able to pinpoint how fast it was for me earlier this year when I switched from Comodo to Let’s Encrypt, but it seemed to be a matter of hours.

It looks like if you try to switch to your Comodo certificate, I suspect the Let’s Encrypt process will abort.

The good news is that once you get past this stage, the certificate renewal process is seamless.

p.s. I use Cloudflare, so it let me adjust my certificate settings while I transitioned from Comodo to self-signed to Let’s Encrypt.


#3

I figured it was painless. After thinking about it this morning, I realized that I can put the site in maintenance mode while the changeover occurs.


#4

Maintenance mode will have the same certificate error. You may as well just post a notice on the site(s) announcing the switchover.


#5

Also interested, just worried to change something that works well, but if you guys confirm that it was as easy to set up Letsencrypt as comodo I will do it !


#6

It’s super easy to do. It’s just the transition that’s a tiny bit rough as you wait for the Let’s Encrypt certificate to kick in. I’ve ditched all of my Comodo certificates in favor of Let’s Encrypt.


#7

Thank you, so I guess I will try now also.


#8

I have tried doing this three times and every time I end up switching back to Comodo after waiting for hours for Let’s Encrypt to finish installing. Today is my fourth attempt and I have waited for hours and nothing has happened yet. Let’s Encrypt certificate shows year 2026 in expiration date and browsers show certification error. My support ticket has been escalated to the team handling Let’s Encrypt related issues and I am yet to hear about it. In comparison, getting a regular domain moved to Let’s Encrypt is quite seamless. I moved a bunch of domains and all of them were properly configured in less than an hour.


#9

That 2026 certificate is the temporary self-signed cert that’s put in place while Let’s Encrypt processes your request.

When you say “getting a regular domain moved to Let’s Encrypt is quite seamless,” which situation isn’t seamless? Switching from Comodo? As I said before, it was in the order of hours, but I can’t find detailed enough records for exactly how long it took. All I can say is they did switch over and it’s been great ever since. How long did it take for a “regular domain” to get a Let’s Encrypt certificate?

It’s possible that being the weekend, it might be Monday before your escalated ticket gets handled.


#10

I started the process on Friday night IST. It’s Sunday Morning here in India. HTTPS on my domain is still inaccessible. I got a failed message from Let’s Encrypt last evening suggesting me to ping Dreamhost support which I did. Even that ticket is around 17.5 hours old. I am tempted to turn Comodo back on but that would mean going through the same ordeal once again in the coming months. Good thing I did not HSTS on my domain so the website can still be accessed over HTTP. But all the traffic coming through Google is getting an insecure website error so that’s not good for business.


#11

I’d say go back to Comodo (how long until yours expires?) and give it another try first thing on a weekday morning, Pacific Time, so you can Live Chat Support if there are any problems.

What was the failed message from Let’s Encrypt? Do you see a .well-known directory in your website?


#12

It was finally processed today. The actual process did not take more than 10 minutes :smiley: Apparently Let’s Encrypt was having issues accessing the .well-known folder on the domain which it needs for something. So DH guys had to rename the .htaccess file during the process for it to happen successfully. They asked me to add a line to the hta file so that the issue does not crop up after 3 months. I have added the line and can only hope that it would fix the access issue at the time of regeneration of certificate. Here’s hoping that my SSL issues are finished till the time I am hosted on Dreamhost! Cheers.


#13

I made the switch from Comodo on August 1. There was only about 30 minutes of downtime. I had my site in maintenance mode so we didn’t have any end users trying to make purchases.