Before you can install your SSL certificate after purchase you need to generate a Certificate Signing Request (CSR) and send it to your SSL vendor. If you purchased your SSL from KnownHost the CSR can be entered at https://my.knownhost.com. If you purchased your SSL certificate somewhere else you'll enter it on the website where you purchased the certificate.
Click here for help generating your Certificate Signing Request (CSR).
You can get your token in one of two ways:
The token is emailed to you when you purchase the SSL certificate. Within the email you'll find a snippet similar to the following:
Token : DD0487376AMTI4MDUx0#!mg7eukwb7yy7dy7zn777
Tokens can be used within the cPanel interface by clicking on the
AutoInstall SSL icon.
Enter your token here and click
Once you enter your token here you'll be guided through every step of the SSL setup process.
If your domain is not pointed at the server (ie. if your DNS is pointed to an old or previous provider) then the step
Validating the Domain & Checking order status will fail until the domain is pointed at the server/account where you're installing the certificate.
The instructions for installing an SSL certificate from the certificate files varies slightly between different control panels – we have both DirectAdmin and cPanel/WHM covered in the section below.
This section of the guide is focused around deployed servers with DirectAdmin's new skin "Evolution"
You'll need to login to your DirectAdmin user through the DirectAdmin Panel – or if you're the Administrator, you can drop in through the
admin user. Once at the
user level, go to "Account Manager" and click "SSL Certificates":
Evolution - Default:
Evolution - Icon:
Once inside the SSL Certificate area, you'll see many different choices:
You'll want to ensure that you have "Paste pre-generated' box checked as outlined in the following screenshot:
You'll see two boxes in this window, the "Key" box and the "Certificate" Box.
The "key" box is for the
Private RSA Key
The "certificate" box is for the actual certificate or
Please see this example:
Once your certificate is entered, click "Save" for it to take effect.
Some certificates require you to enter the CA Root Certificate bundled with the certificate as well – please be aware of this!
To set the CA Root Certificate, you'll want to click "CA Root Certificate" within the SSL Certificate area:
This will take you to the "CA Root Certificate" window to apply the certificate.
You paste it and click "Save" – simple as that!
Your SSL certificate at this point should be installed properly.
This guide assumes that you have already generated the 4)Certificate Signing Request (CSR), and the private key is already stored on the server. If the private key has not been added, you can do so in a below step. In cPanel, click on the icon labeled
From this screen, click on the link
Generate, view, upload, or delete SSL certificates under the "Certificates (CRT)" heading.
You can copy and paste the entire certificate (including the
—–BEGIN CERTIFICATE—– and
—–END CERTIFICATE—– lines: they are important) into the provided text box. If the certificate was pasted correctly, cPanel will show more information regarding the certificate like so:
Domains: yourSSLdomain.tld Issuer: CoolSSLIssuer Key Size: 2,048 bits (c031337 …) Expiration: Feb 13, 2018 9:30:42 AM
You can enter a description with the provided box as well – entering a date and description can help you keep your certificates organized. Once the certificate has been entered (with an optional description) you can click on
Save Certificate. If it was successful, you will get a message from cPanel saying the certificate has been saved.
If your certificate was provided in the
.crt file format (you may need to extract this file from a
zip archive) you can choose the
Browse… button to select the file from your computer (or other device) and upload it to the server without having to copy and paste the information directly. Once you have selected the file (and entered an optional description) click on the
Upload Certificate – if the certificate is in the right format, cPanel will automatically save the certificate for you.
SSL/TLS screen in cPanel, click the link
Manage SSL sites under the "Install and Manage SSL for your site (HTTPS)" heading.
Scroll down to the
Install an SSL Website heading, and click the drop-down box under the section called
Domain (with the text "Select a Domain") and choose the domain that you wish to install an SSL certificate for.
If you installed the certificate according to the steps above (and the private key is already on the server after generating a CSR) you can click on the
Browse Certificates button and select the certificate you just entered and click on
Use Certificate – this will fill in the appropriate information for you. If you only have one domain or a single certificate uploaded, you can click on
Autofill by Domain and cPanel will automatically select the appropriate certificate, private key, and certificate authority bundle (CA bundle).
If you did not previously upload the private key to the server, you can copy and paste it into the private key field now.
Verify that the information is correct – especially the
Expiration Date fields and click on the
Install Certificate button below.
If the SSL certificate was installed correctly, cPanel will give you a confirmation message. Now that you are more familiar with how cPanel's SSL Manager interface works, you can save some time when installing your next certificate by using the
Manage SSL sites link directly.
SSL certificates can also be installed as the from within WHM as well, though the interface can be somewhat less intuitive than installing via a cPanel account (but it is faster if you already have the certificate, private key, and CA bundle extracted and ready for installation – or if you're just more comfortable with WHM.)
After a 5)Certificate Signing Request (CSR) has been generated and you have received the certificate, you would navigate to
WHM Home → SSL/TLS → Install an SSL Certificate on a Domain (you can type in
ssl on WHM's search bar for easy access):
From here, you would type in the domain in the
Domain field and copy and paste the certificate, private key and your CA bundle into their respective fields – you should leave the
IP Address field blank (for auto-discover). The certificate can then be installed by clicking on the
Install button at the bottom of the page.