From fe377ea3eb9ea16797509be158076214d5341a2b Mon Sep 17 00:00:00 2001
From: Anyaoha <33767533+Anyaoha@users.noreply.github.com>
Date: Sat, 18 Mar 2023 00:35:51 -0700
Subject: [PATCH] There seem to be a change that have made issue certificate to
 default to `ECC certificates`. These affects the activation of securing the
 domain in question because ecc certificates create a subdirectory
 (domain.com_ecc), storing the certificates and key there. Instead of the
 domain.com directory.... Hope this helps anyone having this difficulty

---
 Simple-guide-to-add-TLS-cert-to-cpanel.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/Simple-guide-to-add-TLS-cert-to-cpanel.md b/Simple-guide-to-add-TLS-cert-to-cpanel.md
index ed12088..685574d 100644
--- a/Simple-guide-to-add-TLS-cert-to-cpanel.md
+++ b/Simple-guide-to-add-TLS-cert-to-cpanel.md
@@ -64,6 +64,12 @@ If this domain has alias/parked domains, include those with additional `-d` para
 
     acme.sh --issue --webroot ~/public_html -d example.com -d www.example.com --staging
 
+**Note that the above test certificate would Issue ECC certificates which may get stored in your directory `/home/CPANEL_USERNAME/.acme.sh/domain.com_ecc`, and may cause your SSL issued but not working**
+Instead, use this method to test certificates for (RSA2048),(RSA3072) or (RSA4096)
+
+   
+    acme.sh --issue --webroot ~/public_html -d example.com -d www.example.com --keylength 2048 --staging
+
 Ensure that this step is successful. If you encountered an error, ensure that the webroot is correct, or try to run acme.sh with `--debug 2` for further information.
 
 
@@ -72,6 +78,12 @@ Use the same parameters as for your test certificate, except replace `--staging`
 
     acme.sh --issue --webroot ~/public_html -d _EXAMPLE.COM_ --force
 
+**Note that the above test certificate would Issue ECC certificates which may get stored in your directory `/home/CPANEL_USERNAME/.acme.sh/domain.com_ecc`, and may cause your SSL issued but not working**
+Instead, use this method to test certificates for (RSA2048),(RSA3072) or (RSA4096)
+
+   
+    acme.sh --issue --webroot ~/public_html -d example.com -d www.example.com --keylength 2048 --force
+
 This re-issues the certificate as a real, trusted SSL certificate, rather than a test one from the [staging environment](https://letsencrypt.org/docs/staging-environment/).
 
 ***