GCom Internet - Frequently Asked Questions

Free https:// SSL/TLS

Gcom Internet provides free https:// SSL/TLS Domain Validated (DV) certificates and installation for all its hosting clients at no additional cost above their standard hosting fee.

A certificate is generated and installed for each domain and subdomain hosted within the client's account, and subsequently renewed as required. Additionally, a certificate is also generated and regularly renewed for the www and mail host of each domain, and the www host of each subdomain.

SSL/TLS Certificate Generation

For each domain or subdomain created on any of our public hosting servers, an SSL/TLS certificate will normally be generated, approved by a certificate issuing authority, and installed within a few minutes, but only if DNS is correctly pointed to our network at the time of the hosting creation. If DNS is not correctly pointed at the time of the hosting creation, the SSL/TLS generation, approval and installation process will be automatically attempted once each day thereafter, but again, only if DNS is correctly pointed to our network. If you have recently pointed DNS to our network for a previously created hosting, and you require urgent access to SSL/TLS, please email through a support request from your Administrative and Billing Contact (ABC) email address, and we will be happy to manually expedite the process for you.

SSL/TLS Approval

During the SSL/TLS certificate approval or renewal process, cPanel and the certificate authority need to perform Domain Validation procedures against text files which our servers will automatically add to your account. If cPanel or the certificate authority are unable to access the validation files for any reason, they will not approve the certificate, and the SSL/TLS certificate will not be installed or renewed. In addition to ensuring that your domain is correctly delegated and pointed to our network, you should ensure that your .htaccess and other coding elements of your website do not restrict access to the validation checks.

SSL/TLS validation requests from the certificate authority will normally come from the follow IPs...

91.199.212.132
178.255.81.12
178.255.81.13
199.66.201.132

If you have unusually restrictive .htaccess rewrites in place which block access to the validation files, addition of the following .htaccess rewrite conditions will correct the issue...

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.tmp$

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$

RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

SSL/TLS with Externally Delegated DNS

GCom Internet supplies and installs SSL/TLS certificates for all its clients' domains and subdomains, and also for the www and mail host of all domains, and the www host of all subdomains. However, for the SSL/TLS protocol to function correctly, the associated DNS zone records of all hosts must point to our servers. For any client with externally delegated DNS, the responsibility to have those zone records correctly configured is fully their own and/or their hostmaster's responsibility. For critical information for clients with externally delegated domains, please refer to the knowledge base article Externally Delegated DNS Configuration.

https:// Errors and Warnings

Once an SSL/TLS certificate is installed for your domain, external entities can then access your website under the security of full data encryption. However, if your website has not been correctly coded to conform to SSL/TLS protocol requirements, then your visitors will see warning messages in their browsers. The correction of such website coding errors is outside of our area of support. In all cases, problems related to website coding and design should be forwarded to your web designer or primary IT support provider. A number of online test sites are available to help with faulty SSL/TLS coding, and at the time of raising this document, one such site is available at https://www.whynopadlock.com.

SNI vs Dedicated IP