cPanel/WHM: Generate CSR (Certificate Signing Request)
Please watch the video tutorial below.
Installing a SSL certificate on your server, using cPanel
- After the certificate has been issued, and sent to you by the Certificate Authority, you can proceed with deploying the certificate on the server. Follow the steps below to install the SSL for your site.
- Log in to your cPanel account
- Locate and click on SSL/TLS Manager in the Security section
- Click on 'Manage SSL Sites' under Install and the Manage SSL for your website (HTTPS) menu
- Copy the certificate code you received from the Certificate Authority including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- and paste it into the 'Certificate: (CRT)' field on the next page.
- Click on the Autofill by Certificate button, which appears next to the certificate entered, and the system will attempt to fetch the domain name and the private key. You may also choose the domain from the drop-down list and manually enter the certificate and private key into the corresponding boxes. If the system fails to fetch the private key, you can locate it in the Private Keys (KEY) section of the SSL/TLS Manager. Please remember to include Begin/End headers and footers for the certificate and the key.
- Copy and paste the chain of intermediate certificates (CA Bundle) into the box under Certificate Authority Bundle (CABUNDLE)
If you want to use this certificate for Mail Services (Exim and Dovecot), tick the checkbox ‘Enable SNI for Mail Services’. In this case, you will be able to use your domain, on which SSL certificate has been installed, as a hostname of the mailserver configuring your mail clients to work via secured ports.
Note! This option is available only starting from cPanel. If you have older version of cPanel, you cannot use your certificate for mail. All HostBlast shared and reseller servers have cPanel installed.
- Click on the 'Install Certificate' button
Congratulations! The certificate is now installed on the server for your site. The site should now be accessible via https://. You can check the installation using this tool: https://sslchecker.com/