The Blog

How to Install an SSL certificate on your server, using cPanel
July 7, 2020 0 Categories Knowledge Base

How to Install an SSL certificate on your server, using cPanel

An SSL certificate acts as third-party verification for a website’s security. It verifies the strength of the Secure Socket Layer encryption used when a user connects to the site and connects that encryption to the organization or individual that owns and maintains the website. SSL certification and validation are a necessary piece of web security for any business that collects information from its users.

Different SSL certificates provide different levels of security, depending on the level of protection and security features your website and its users need. You may be familiar with visual elements such as Site Seals, the HTTPS:// protocol appearing in the URL, but there are less-visible functions that help protect your website and visitors.

No matter what level of security you choose, your users will recognize that your site is safe, and that leads to greater trust in your brand online.

Using Retro theme

After the certificate has been activated and issued to you by the Certificate Authority, you can proceed with deploying the certificate in your cPanel. Follow the steps below:

    1. Log into your cPanel account
    2. Locate and click on SSL/TLS Manager in the Security section:

cpinst1

    1. Click on Manage SSL Sites under the Install and Manage SSL for your website (HTTPS) menu:

cpinst2

Note: Some hosting providers do not have the option Manage SSL Sites in their cPanel (ex.: Hostgator, Godaddy, etc.). In this case it might be necessary to contact the hosting provider directly for performing the installation process or locating the exact installation guide for third-party certificates on their site.

    1. Copy the certificate code you received from the Certificate Authority including —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– and paste it into the Certificate: (CRT) field on the next page. The certificate files can be opened with the help of a text editor (e.g., Notepad for Windows or Textedit for macOS) on your computer.

Note: The certificate code can be found in the *yourdomain*.crt file which is usually sent to you in the email from the Certificate Authority. Alternatively, it can be downloaded from your account directly.

    1. Click on the Autofill by Certificate button, which appears next to the certificate entered, and the system will attempt to fetch the domain name and the private key. You may also choose the domain from the drop-down list and manually enter the certificate and private key into the corresponding boxes. If the system fails to fetch the private key, you can locate it in the Private Keys (KEY) section of the SSL/TLS Manager. Please remember to include Begin/End headers and footers for the certificate and the key. In case the private one is missing, please generate a new CSR code together with the private key and then reissue your SSL certificate.

cpinst3

    1. Copy and paste the chain of intermediate certificates (CA Bundle) into the box under Certificate Authority Bundle (CABUNDLE) if it is not filled in already.

If you want to use this certificate for Mail Services (Exim and Dovecot), check the Enable SNI for Mail Services box. In this case, you will be able to use your domain on which the SSL certificate has been installed as a hostname of the mail server configuring your mail clients to work via secured ports.

cpinst4

    1. Click on Install Certificate.

Congratulations! The certificate is now installed on the server for your site. The site should now be accessible via https://. You can check the installation using this tool

cpinst5

Basic theme

After the certificate has been activated and issued to you by the Certificate Authority, you can proceed with deploying the certificate in your cPanel. Follow the steps below:

    1. Log into your cPanel account
    2. Locate and click on SSL/TLS Manager in the Security section:

cpinst6

    1. Click on Manage SSL Sites under the Install and Manage SSL for your website (HTTPS) menu:

cpinst7

    1. Copy the certificate code you received from the Certificate Authority including —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– and paste it into the Certificate: (CRT) field on the next page. The certificate files can be opened with the help of a text editor (e.g., Notepad for Windows or Textedit for macOS) on your computer.

Note: The certificate code can be found in the *yourdomain*.crt file which is usually sent to you in the email from the Certificate Authority. Alternatively, it can be downloaded from your account directly.

    1. Click on the Autofill by Certificate button, which appears next to the certificate entered, and the system will attempt to fetch the domain name and the private key. You may also choose the domain from the drop-down list and manually enter the certificate and private key into the corresponding boxes. If the system fails to fetch the private key, you can locate it in the Private Keys (KEY) section of the SSL/TLS Manager. Please remember to include Begin/End headers and footers for the certificate and the key. In case the private one is missing, please generate a new CSR code together with the private key and then reissue your SSL certificate.

cpinst8

    1. Copy and paste the chain of intermediate certificates (CA Bundle) into the box under Certificate Authority Bundle (CABUNDLE) if it is not filled in already.

If you want to use this certificate for Mail Services (Exim and Dovecot), check the “Enable SNI for Mail Services” box. In this case, you will be able to use your domain on which the SSL certificate has been installed as a hostname of the mail server configuring your mail clients to work via secured ports.

cpinst9

    1. Click on Install Certificate.

Congratulations! The certificate is now installed on the server for your site. The site should now be accessible via https://. You can check the installation using this tool.

NOTE! Starting from cPanel version 11.60 you are able to use the installed certificates to log into the cPanel/WHM as well as webmail, ftp and webdisk. The certificate installed for a domain gets assigned to these services automatically, no separate actions are required.

Leave a Comment