Navigation:

Related:

The latest cPanel 11.38 release comes with a new SSL/TLS Manager which is available to cPanel users when enabled in WHM. This manager gives you the ability to generate, view, or upload, private keys, Certificate Signing Requests (CSR), and certificates (CTR), and also allows the ability to activate an SSL certificate on your web site.

If you need an SSL certificate, you can order an SSL certificate from AMP from InMotion Hosting. Our Dedicated SSL certificates are Comodo-issued 256-bit encrypted InstantSSL certificates and are only $99.99 / year.

SSL certificates require a Dedicated IP address which can be purchased for $24 / year, and there is also a one-time $25 SSL install fee. However if you purchase your SSL from InMotion Hosting we will waive the $24 / year dedicated IP address fee, and you'll only need to pay once for the install.

Otherwise, you can use the new cPanel SSL/TLS Manager to complete the SSL install process on your own when purchasing a 3rd party SSL certificate. **Notice: the SSL/TLS manager will be available in cPanel after purchasing a dedicated IP address

If you just need a SSL certificate for testing purposes, you can generate a self-signed SSL certificate for free.

Enable SSL/TLS Manager in WHM for cPanel users

Before using the SSL/TLS Manager as a cPanel user, it first needs to be enabled in WHM's Tweak Settings option.

  1. Login to WHM
  2. in whm type tweak and click on tweak settings

    In the top-left find box, type in tweak, then click on Tweak Settings

  3. in whm type allow cpanel and enable cpanel users to install SSL hosts

    Type Allow cPanel in the top-right find box, then fill in On beside Allow cPanel users to install SSL Hosts if they have a dedicated IP, then click Save

    You should see WHM Updating tweak settings... and then when it completes it will say Done at the bottom.

    whm tweak settings updated

Using the cPanel SSL/TLS Manager

Once you have the cPanel SLL/TLS Manager enabled in WHM, you can access it when logged into cPanel.

  1. Login to cPanel

  2. under security click ssl tls manager

    Under the Security section, click on SSL/TLS Manager

Generate Private Keys

Before generating anything else, we need to generate some Private Keys, these are used to decrypt information transmitted over an SSL connection. You need a separate Private Key for each SSL certificate you wish to use.

  1. click generate private keys

    Access the cPanel SSL/TLS Manager

    Click on Generate, view, upload, or delete your private keys

  2. click generate

    Typically a Key Size of 2,048 bits is fine, but if you need another one you can select it from the drop-down.

    Fill in a Description for the key if you'd like, then click Generate

  3. cpanel generated private key

    Now with your Private Key generated, click on Return to Private Keys

    You should see the key you created listed

    cpanel view keys on server

  4. paste or upload private key

    If you already have a Private Key not on the server, then under the Upload a New Private Key section, you can either paste in your key and click on Save, or you can click on Choose File to browse your computer for the key, and then click Upload

    After you've already generated or uploaded your Private Key so it exists on the server, click on Return to SSL Manager

Generate CSR

Before getting an SSL certificate for your website, you need to generate a Certificate Signing Request (CSR). This request will include your domain name and company, as well as information specific to the server you're hosting on.

  1. click generate csr

    Access the cPanel SSL/TLS Manager

    Click on Generate, view, or delete SSL certificate signing requests

  2. fill out csr fields click generate

    Fill out all of the fields for your CSR, then click Generate

  3. copy generated csr text

    You should now see the generated CSR, you can click in the text-box and then hit Ctrl-A to select all the text, and then Ctrl-C to copy it.

  4. Now you need to take this CSR text generated from the cPanel server, and when you are purchasing a SSL certificate, the Certificate Authority that you buy it from will need to be supplied with it.

    When asked the server type your CSR was generated on, you'd want to select RedHat Linux.

Generate a self-signed SSL certificate

If you just need your website data encrypted, and are not worried about web-browser warnings you can generate a self-signed SSL certificate for free.

When you access a self-signed SSL website from your web-browser, you will get an self signed SSL warning such as this one in Google Chrome. You can simply safely click on Proceed anyway to still get to the website.

self signed ssl warning click proceed anyway

When you're on your website if you click on the SSL padlock icon, you can see the reason we got a warning is because the website's identity has not been verified. This is because we used a self-signed SSL certificate and it wasn't verified by a 3rd party certificate authority

self signed ssl info
  1. click generate certificate

    Access the cPanel SSL/TLS Manager

    Click on Generate, view, upload, or delete SSL certificates

  2. fill out details for self signed ssl certificate click generate

    Scroll down to the Generate a New Certificate section and fill out all of the details for your self-signed SSL certificate, click Generate

  3. copy self signed certificate text

    On the next page, click in the Encoded Certificate text-box, then hit Ctrl-A to select all the text, and then Ctrl-C to copy it.

Install 3rd party SSL certificate

If you sent off your CSR to a certificate authority, you should have gotten back a matching SSL certifcate that you can now go back and install on the server to use for your website.

  1. click generate certificate

    Access the cPanel SSL/TLS Manager

    Click on Generate, view, upload, or delete SSL certificates

  2. paste or upload your ssl certificate

    Now either paste your certificate info into the Paste your certificate below box and click Save Certificate

    Or click Choose File to browse your local computer for the certificate file and click on Upload Certificate

Activate SSL certificate on web site

Now that you've generated a private key, generated a CSR, and installed a SSL on your account, you should be ready to activate that SSL certificate for your website.

  1. click setup an ssl certificate to work with your site

    Access the cPanel SSL/TLS Manager

    Click on Setup an SSL certificate to work with your site

  2. select ssl domain click autofill by domain

    From the Domain drop-down, select the domain you're installing your SSL certificate on, and then click Autofill by Domain

  3. click install certificate

    In this case you can see it's warning us that the Issuer is self-signed which is fine. If you actually installed a 3rd party verified certificate you shouldn't see this warning.

    Click on Install Certificate

  4. ssl certificate installation success

    You should see a pop-up saying the SSL was successfully configured, then just click OK

 

You should hopefully now understand how to use the cPanel SSL/TLS Manager to either generate a CSR or get a SSL certificate installed on your website.

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve this article:
Email Address
Name

new! - Enter your name and email address above and we will post your feedback in the comments on this page!

Like this Article?

Comments

Post a comment
2013-12-03 8:12 pm
Would this procedure allow secure email on a VPS using the domain associated with the certificate, or is using WHM and requiring root access still needed (If you have root access, you can go to WHM and then Manage Service SSL Certificates, and install a new certificate for Courier (POP3) Mail Server for receiving mail via POP3 , or Courier (IMAP) Mail Server for receiving mail via IMAP, and Exim (SMTP) Server for sending mail.)?
Staff
15,484 Points
2013-12-03 9:21 pm
Hello Tim-etown,

Reseller accounts will allow you to install a SSL certificate. Yes, this only applies to the domain for which the certificate was created. Reseller accounts do not require Root access for the installation. I hope this helps to answer your question! Please let us know if have any further questions or concerns.

Regards,
Arnel C.
2013-12-04 12:34 pm
Arnel:
Sorry, that did not come close to answering my question.
1) I asked about VPS accounts, not reseller accounts (as I was upsold to a VPS instead of the reseller hosting packages)
2) I asked if installing an SSL certificate for a specific domain name, using the described procedure on this page, also applied that certificate to the POP3, IMAP and SMTP services (subdomains) for that same domain.

Hope you can answer those questions.
Staff
15,308 Points
2013-12-04 12:54 pm
Hello tim-etown,

Thank you for your question. If the SSL is for a specific domain on the VPS, then you would not be able to set the email services to work with POP3, IMAP and SMTP services for just that domain. You would want to add a specific SSL for the VPS itself and set that one to cover these services.

The reason being that all domains on the VPS will need to use the same SSL setup if you configured an SSL to cover the email services.

I hope this better answers your question.

Kindest Regards,
Scott M
n/a Points
2014-04-10 9:19 pm

you have any idea, how to install create ssl and install on ftp.for free not spent, for my creation.??????

Staff
15,484 Points
2014-04-10 9:50 pm
Hello,

In order to create a genuine SSL certificate you would need to have a certificate generated from a provider like Comodo (the certificate provider for InMotion). This is not something that you can install through FTP. The article above describes the installation steps. If you're on a business account (shared server) you'd have to have the certificate installed through technical support. Otherwise, you would have to have root access to the server (VPS/dedicated servers) and go the process of installing the certificate as described above. You can purchase a FREE certificate from Comodo here. However, it's only limited to 90 days. However, if you look around at SSL prices you may be surprised at the prices. If you want further info on SSL Certificates that you can purchase in AMP, please go here.

Regards,

Arnel C.
n/a Points
2014-04-23 5:20 pm

This article appears to refer to an old version of cPanel, where it was still possible to "upload" a certificate.

If I have an approved Comodo certificate that I wish to import and use, how do I do that?

Staff
15,484 Points
2014-04-23 6:40 pm
Hello Ben,

Sorry for the confusion. Here's the statement above: "The latest cPanel 11.38 release comes with a new SSL/TLS Manager which is available to cPanel users when enabled in WHM.". In order for you to see it, the option would need to be enabled in WHM. This really applies to Dedicated or VPS accounts where the admin can enable it for their users.

As for the Comodo certificate, you can submit a ticket to the support department in order to have the certificate applied to your account.

I hope this helps to explain the issue. Apologies again for the confusion.

Regards,
Arnel C.
n/a Points
2014-06-05 12:09 pm

Hi, thanks for the tutorial, I followed it but stopped at the step : 

Activate SSL certificate on web site

I don't have the link : Setup an SSL certificate to work with your site

So I can't really link my domain to the SSL certificate! 

 

Any idea why I don't get this link ? That's a dedicated server and have full control on the server for information. 

 

Thankas for your help in advance :) 

Staff
7,372 Points
2014-06-05 12:13 pm
If you do not see this, you may need to contact technical support to have it enabled for you.
n/a Points
2014-07-15 3:26 pm

I am stuck at the same step as Matthieu.  What was the solution/outcome for this problem?

Staff
15,484 Points
2014-07-15 4:35 pm
Hello Michael,

As per Jeff's response, if you're not seeing the link, then it may be that you are not able to setup the SSL certificate. It would require that you Contact our live support team and they can set it for you. I will have the article reviewed in case there needs to be an update. Apologies for any frustrationi with the issue.

Regards,
Arnel C.

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

News / Announcements

WordPress wp-login.php brute force attack
Updated 2014-07-17 06:43 pm EST
Hits: 201633

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!