|Dec 13, 2015, 10:53 AM|
|We are deeply sorry to know that you have decided to end our relationships, both because we value your business and because we truly believe purchased SSL is a better choice in most cases.|
|We'll happily provide a 30% discount on your SSL renewal if you'll stay with us.|
|Regarding the cPanel plugin for Let's Encrypt, unfortunately at this point we are unable to tell exactly if we will be implementing it or not since it involves a big amount of changes to our servers structure.|
|We will treat any decision of yours with proper respect and understanding.|
|If there is anything else you would like to discuss about this matter or have any additional questions or comments, please feel free to reply to this email.|
|Customer Support Specialist|
Some more unconfirmed details about their implementation plans. Safe to say they won't be implementing it for shared hosting.
Namecheap makes money off of SSL certificates (they also own ssls.com) so this would cut into their bottom line.
I left Namecheap because they failed to implement the ability to have a TXT record longer than 255 bytes. The UI silently truncates the string. This causes problems for DKIM signatures with strong keys.
Namecheap seem to have become complacent with their place in the industry. the new UI also sucks. They're on their way out the door.
Looks like they do support SSL/TLS certs, but not sure if it's all-encompassing for all kinds of certs, including those not bought specifically through Namecheap. I was just on the cPanel for my previous non-SSL site, made a self-signed cert (I know -- NOT secure, technically) and was able to install it under cPanel --> Security --> SSL/TLS.
They do still upsell with the Namecheap SSL right at the top. I might just go with that, since it's $11 USD/yr for Positive SSL basic personal domains (limited to one domain.) They may or may not support the free ones you can generate from https://letsencrypt.org/
I have been able to generate a Let's Encrypt cert fully. There are several steps but it's doable.
I also got LE working, using acme.sh.
Enable SSH to your account. They told me they have to do this manually thru support. Nonstandard port, listed in their SSL topic in support.
Then you need to install the SSL cert thru cPanel-follow their instructions.
The biggest prob I had was webroot.
@Rex-0x7CB Hi there. Thanks for your helpful post above of the namecheap support chat. I'm looking to do what you did with Let's Encrypt and Namecheap but my coding skills & CS knowledge are not to your level. I'm confident I can upload the SSL files in cPanel once I have obtained them from Certbot. My problem is about getting the files from Certbot. What software and system did you select? If mine are different to yours, how do I find them out? As you are probably aware, Certbot says you need shell access or...switch hosting! ie. no in-between. Any help appreciated.
I commented to Namecheap on their website about not supporting Let's Encrypt and they deleted by my comments... not impressed. Here's a snapshot of the two now deleted comments.
(Here's the text version of what I wrote so it gets pick up by search enignes. One correction I should probably make is that when I used the word security, in most cases a more appropriate word should have been assurance because as far as I know your certs are just as encrypted, the business itself is just not as thoroughly human verified.)
The first comment (which they deleted)
Not possible? You could do it organization-wide for a $150... not bad. The choice should be ours if we choose a free less-secure SSL cert as many many other major providers much larger and with more at risk are offering it. There simply are just sites that don't matter, like a blog. Google is rewarding SSL sites and not everyone needs high security... just an SSL enabled site. You are not giving us the option to choose our level of security.
The second comment posted after a reply from them (they deleted this one too)
letsencrypt CAN BE DONE on shared servers. It would cost Namecheap a whopping $30 to support it directly within CPanel organization-wide, plus you'd get free updates so you don't have to maintain anything. I develop and host myself so have a little knowledge about this.
I really appreciate your philosophy of just offering the lowest price without endless sales. Because of this I have actually been recommending you to many people in expectation that you'll keep the same philosophy and not got the way of GoDaddy with bait and switch. Hoping you'll also hold up the standard for offering something that is freely available to the public and not withhold it because of a competition with a $9/year certificate.