What is an SSL Certificate?
SSL is a standard security protocol which establishes encrypted links between a web server and a browser, thereby ensuring that all communication that happens between a web server and browser(s) remains encrypted and hence private. SSL Certificate is today an industry standard that is used by millions of websites worldwide to protect all communication and data that's transmitted online through the websites.
SSL certificates can be installed by account owners on Shared servers, VPS or Dedicated Server accounts. If you require assistance, please submit a request to our live technical support team. They can quickly help you with getting an SSL certificate installed if necessary.
cPanel releases (versions 11.38 and higher) come with a new SSL/TLS Manager which is available to cPanel users. This interface gives you the ability to generate, view, or upload, private keys, Certificate Signing Requests (CSR), and certificates (CTR), and also allows the ability to activate an SSL certificate on your web site.
AutoSSL certificates are a free SSL option that has been added in the latest releases of cpanel/WHM for VPS and Dedicated server accounts. It is important to note that while it is possible to use a shared SSL with the free certificate, the actual domain name being displayed for the certificate will not necessarily match the domain being secured. Servers using SNI (Server Name Indication) will highlight the issue. The easiest way to avoid this complication is to purchase a dedicated IP address for domain that is using an SSL certificate.
If you need an SSL certificate, you can order an SSL certificate from SeiMaxim. Otherwise, you can use the new cPanel SSL/TLS Manager to complete the SSL install process on your own when purchasing a 3rd party SSL certificate. If you just need a SSL certificate for testing purposes, you can generate a self-signed SSL certificate for free.
Enable SSL/TLS Manager in WHM for cPanel users
Before using the SSL/TLS Manager as a cPanel user, it first needs to be enabled in WHM's Tweak Settings option.
1. Login to WHM. In the top-left find box, type in tweak, then click on Tweak Settings
2. Type Allow cPanel in the top-right find box, then fill in On beside Allow cPanel users to install SSL Hosts, then click Save. You should see WHM Updating tweak settings and then when it completes it will say Done at the bottom.
Using the cPanel SSL/TLS Manager
Once you have the cPanel SLL/TLS Manager enabled in WHM, you can access it when logged into cPanel.
1. Login to cPanel and under the Security section, click on SSL/TLS Manager.
Generate Private Keys
1. Now you need to generate some Private Keys, these are used to decrypt information transmitted over an SSL connection. You need a separate Private Key for each SSL certificate you wish to use.
2. Access the cPanel SSL/TLS Manager and click on Generate, view, upload, or delete your private keys.
3. Typically a Key Size of 2,048 bits is fine, but if you need another one you can select it from the drop-down. Fill in a Description for the key if you'd like, then click Generate.
4. Now with your Private Key generated, click on Return to Private Keys. You should see the key you created listed.
5. If you already have a Private Key not on the server, then under the Upload a New Private Key section, you can either paste in your key and click on Save, or you can click on Choose File to browse your computer for the key, and then click Upload. After you've already generated or uploaded your Private Key so it exists on the server, click on Return to SSL Manager.
6. Before getting an SSL certificate for your website, you need to generate a Certificate Signing Request (CSR). This request will include your domain name and company, as well as information specific to the server you're hosting on.
Generate CSR
1. Access the cPanel SSL/TLS Manager. Click on Generate, view, or delete SSL certificate signing requests.
2. Fill out all of the fields for your CSR, then click Generate.
3. You should now see the generated CSR, you can click in the text-box and then hit Ctrl-A to select all the text, and then Ctrl-C to copy it.
4. Now you need to take this CSR text generated from the cPanel server, and when you are purchasing a SSL certificate, the Certificate Authority that you buy it from will need to be supplied with it.
Generate a self-signed SSL Certificate
If you just need your website data encrypted, and are not worried about web-browser warnings you can generate a self-signed SSL certificate for free. When you access a self-signed SSL website from your web-browser, you will get an self signed SSL warning such as this one in Google Chrome. You can simply safely click on Proceed anyway to still get to the website.
When you're on your website if you click on the SSL padlock icon, you can see the reason we got a warning is because the website's identity has not been verified. This is because we used a self-signed SSL certificate and it wasn't verified by a 3rd party certificate authority.
1. Access the cPanel SSL/TLS Manager
2. Click on Generate, view, upload, or delete SSL certificates. Scroll down to the Generate a New Certificate section and fill out all of the details for your self-signed SSL certificate.
3. On the next page, click in the Encoded Certificate text-box, then hit Ctrl-A to select all the text, and then Ctrl-C to copy it.
Install 3rd party SSL certificate
If you sent off your CSR to a certificate authority, you should have gotten back a matching SSL certifcate that you can now go back and install on the server to use for your website.
1. Access the cPanel SSL/TLS Manager and click on Generate, view, upload, or delete SSL certificates.
2. Now either paste your certificate info into the Paste your certificate below box and click Save Certificate Or click Choose File to browse your local computer for the certificate file and click on Upload Certificate.
Activate SSL certificate on web site
Now that you've generated a private key, generated a CSR, and installed a SSL on your account, you should be ready to activate that SSL certificate for your website.
1. Access the cPanel SSL/TLS Manager and click on Install and Manage SSL for your site(HTTPS)
2. From the Domain drop-down, select the domain you're installing your SSL certificate on, and then click Autofill by Domain
3. In this case you can see it's warning us that the Issuer is self-signed which is fine. If you actually installed a 3rd party verified certificate you shouldn't see this warning.
4. Click on Install Certificate.
5.You will then see confirmation that the SSL certificate was installed. You should hopefully now understand how to use the cPanel SSL/TLS Manager to either generate a CSR or get a SSL certificate installed on your website.