How to install SSL Certificates that have been purchased elsewhere with cPanel

269ac00f765508cb74b25d006dbf5bb2

Written by Dennis Nind

Last published at: February 8th, 2019

The SSL/TLS Manager will allow you to generate SSL certificates, certificate signing requests, and private keys. These are all parts of using SSL to secure your website. SSL allows you to secure pages on your site so that information such as logins, credit card numbers, etc are sent encrypted instead of plain text. It is important to secure your site’s login areas, shopping areas, and other pages where sensitive information could be sent over the web.

(cPanel >> Home >> Security >> SSL/TLS)

Overview

The features in this interface allow you to generate and manage SSL certificates, signing requests, and keys, which enhance your website's security. They are useful for websites that regularly work with sensitive information, such as login credentials and credit card numbers. Encryption protects visitors' communications from malicious users.

Warning:

As of cPanel & WHM version 68, we only support Transport Layer Security (TLS) protocol version 1.2.
  • We will only support applications that use TLSv1.2.
  • We strongly recommend that your hosting provider enable TLSv1.2 for your account.

Note:

CAA records in the domain's zone file restrict which CAs (Certificate Authority) may issue certificates for that domain.
  • If no CAA records exist for a domain, all CAs can issue certificates for that domain.
  • If conflicting CAA records already exist, remove the existing CAA records or add one for the desired CA.
For example, a CAA record for Comodo would resemble the following example, where example.com represents the domain name:
example.com. 86400 IN CAA 0 issue "comodoca.com"
You can manage CAA records through the Zone Editor interface. For more information about a CA's requirements, read their documentation.

Documents available

The following documents provide more information about the sections of this interface:

SSL certificate creation privileges

The following table describes a user's privileges to create a SSL certificate:

User Type
Privileges
Website ownersWebsite owners can only create SSL certificates on domains that they own and use a dedicated IP address.
ResellerResellers can create SSL hosts on any IP address that a reseller dedicates, except to an SSL resource.
Reseller with rootprivilegesThe root user, or a reseller with root privileges, can create an SSL certificate on any available IP address on the server, except to an SSL resource.