Enhance handles SSL certificates automatically. When you add a domain and its DNS points to your server, Enhance requests a free Let’s Encrypt certificate, installs it, and renews it before it expires. No manual steps needed.

How Auto-SSL Works

  1. You add a domain to your Enhance website
  2. Enhance checks that the domain’s DNS resolves to your server
  3. Once confirmed, Enhance automatically:
    • Requests a certificate from Let’s Encrypt
    • Validates domain ownership via HTTP challenge
    • Installs the certificate
    • Configures HTTPS
    • Sets up automatic renewal (every 60-90 days)

This process usually completes within a few minutes of DNS propagation finishing.

Checking Certificate Status

  1. Go to Websites and click your domain
  2. Look for the SSL section
  3. You’ll see:
    • Certificate status (active, pending, error)
    • Expiry date
    • Issuer (Let’s Encrypt)

HTTPS Redirect

Enhance typically forces HTTPS by default. All HTTP traffic is automatically redirected to HTTPS. If for some reason HTTP is still accessible:

  1. Check the Force HTTPS or Redirect to HTTPS toggle in your domain’s settings
  2. Make sure it’s enabled

Wildcard Certificates

For wildcard certificates (*.yourdomain.com), Let’s Encrypt requires DNS validation instead of HTTP validation. This means:

  1. Your domain’s DNS must be managed through Enhance (or you need to add a DNS TXT record manually)
  2. Enhance will attempt DNS validation automatically if it manages the zone
  3. If DNS is managed externally, you may need to add the _acme-challenge TXT record manually

Troubleshooting SSL Issues

Certificate Not Generating

If the certificate doesn’t appear after adding a domain:

  • Check DNS propagation. The domain must resolve to your Enhance server’s IP. Use GoZen Host DNS Tools to verify.
  • Wait for propagation. DNS changes can take up to 48 hours. The certificate will be issued once Let’s Encrypt can reach your server at the domain.
  • Check rate limits. Let’s Encrypt has rate limits (50 certificates per domain per week). If you’ve been adding and removing the same domain repeatedly, you may be rate-limited.

Mixed Content Warnings

If your site loads over HTTPS but the browser shows a “not secure” warning or a broken padlock:

  • Some resources (images, scripts, stylesheets) are still loading over HTTP
  • For WordPress, install the Really Simple SSL plugin or update URLs in Settings > General
  • Check your database for hardcoded http:// URLs

Certificate Renewal Failures

Enhance renews certificates automatically, but renewal can fail if:

  • The domain’s DNS no longer points to your server
  • The server can’t be reached on port 80 (HTTP) during the renewal challenge
  • A firewall is blocking Let’s Encrypt’s validation servers

Check the SSL section for error messages and verify DNS is correct.

Custom SSL Certificates

If you have a paid SSL certificate (EV, OV, or wildcard from another provider):

  1. Go to your domain’s SSL settings
  2. Look for Upload Certificate or Custom SSL
  3. Paste your:
    • Certificate (PEM format)
    • Private Key
    • CA Bundle / Chain (intermediate certificates)
  4. Save

The custom certificate will override the Let’s Encrypt one for that domain.

Last updated 14 Apr 2026, 08:40 +0300. history

Was this page helpful?