How to install a third-party SSL certificate with cPanel

This article describes how to manually get and install an SSL certificate on cPanel.

Generation of a private key and CSR

If you have not yet purchased an SSL certificate from another provider, you must first generate a private key and Certificate Signing Request (CSR).

If you have already purchased an SSL certificate from a provider and have the private key (.key) file and SSL certificate (.crt) file, you do not need to follow this procedure. You do not need to generate a private key or CSR. Follow the procedure “Install a private key” below.

To generate a private key and CSR, follow these steps:

1. Log in to cPanel.
2. Click SSL/TLS in the SECURITY section of the cPanel home screen:                                                                   
3. Click Generate, view, upload, or delete your private keys under Private Keys (KEY). The Private Keys page appears.
4. Under Generate a New Private Key, confirm that the Key Type is set to RSA, 2,048-bit.
5. Type a descriptive name for the key, such as the SSL cert private key, in the Description text box.
6. Click Generate and cPanel will generate and display the private key. Now all is ready to generate a Certificate Signing Request (CSR).
7. Click Return to SSL/TLS.
8. Click Generate, view, or delete SSL certificate signing requests under Certificate Signing Requests (CSR) and the SSL Certificate Signing Request page appears.
9. In the Key list box, under Generate a New Certificate Signing Request (CSR),  select the description for the private key that has been generated in step 6.
10. Type the domain that you want to secure with the certificate in the Domains text box.
    Check that the domain name that you want to secure is correct. Beehosting recommends using the www.domain name.com domain form because then the certificate works with both https://www.domain name.com and https://domain name.com. (Do not add https:// to the domain name in the Domains text box.)
11. The remaining CSR fields also need to be completed.
    • Make sure you use the correct two-letter country code (for example, GB or FR). A complete list of these codes can be found on the page https://www.iso.org/obp/ui/#search.
    • Make sure you can remember the passphrase you use. Beehosting will not be able to recover your passphrase if you forget it!
12. Click Generate to create the CSR and cPanel will generate and displays the CSR.
13. Copy the text of the CSR and send it to the third-party SSL provider. After receiving an SSL certificate from the provider, you are ready to enable SSL for your website. Start the certificate installation and SSL activation procedure described below.

Installation of a private key

If the SSL certificate has already been purchased from another provider and you have the private key and certificate, you must first install the private key using cPanel.

To install a private key, follow these steps:

1. Log in to cPanel.
2. Click SSL/TLS in the SECURITY section of the cPanel home screen:                                                         
3. Click Generate, view, upload, or delete your private keys under Private Keys (KEY) and the Private Keys page appears.
4. Upload the key under Upload a New Private Key. Use one of the following methods:
   • Into the text box Paste paste the key text and type a description in the Description text box, then click Save.
   • Another way: click Browse and select the .key file on your computer, in the Description text box type a description, then click Upload.
5. Click Go Back.
6. Click Return to SSL/TLS.
7. Now all ready to install the certificate and enable SSL for your website. Proceed to the certificate installation and SSL activation procedure below.

Installation of the certificate and activate SSL

By this point, you should have the installed private key and certificate from the third-party provider. (You may also have an optional CA bundle). If so, that means you are ready to install a certificate and enable SSL for your website.

To install the certificate and activate SSL follow these steps:

1. Click Generate, view, upload, or delete SSL certificates on the SSL/TLS page, under Certificates (CRT), and the Certificates page appears.
2. Upload the certificate under Upload a New Certificate. Use one of the following methods:
   • Into the text box Paste paste the key text and type a description in the Description text box, then click Save.
   • Another way: click Browse and select the .key file on your computer, in the Description text box type a description, then click Upload.
3. Click Go Back, and then click Return to SSL/TLS.
4. Click Manage SSL sites under Install and Manage SSL for your site (HTTPS).
5. Click Browse Certificates under Install an SSL Website and select the certificate you want to use, then click Use Certificate. The fields Certificate (CRT) and Private key (KEY) will be filled in automatically by cPanel.
6. Select the domain you want to secure with the certificate in the Domain list box.
7. If your SSL certificate requires a CA (Certificate Authority) bundle, paste it under Certificate Authority Bundle (CABUNDLE). If no, leave this field blank.
   CA bundle (also sometimes referred to as an intermediate certificate) is not required for all SSL certificates. If you are not sure if your certificate requires a CA package or not, contact the certificate provider.
8. Click Install Certificate and cPanel install the certificate on the server and enables SSL. You receive an SSL Host Successfully Installed message after completing the process.
9. Click OK. You can now securely access the specified domain by using the https:// prefix in a web browser.

Looking for ways to protect your site? Get the right level of website protection with our SSL options.