Installing SSL certificates

Expertise level: Medium

Configuring secure HTTPS access using SSL

SSL stands for "Secure Socket Layer". When you are using https:// to access your site, the data is transferred in an encrypted format . This can be useful for highly sensitive data transfers like credit card numbers, passwords etc.

To set up an SSL, you will need to have a dedicated IP address for your site and an SSL certificate from a Certificate Authority.

A dedicated IP address for your site:

To be functional, an SSL certificate requires a dedicated IP address. You need to make sure that your domain resolves to one of the dedicated IP addresses on the server. The SSL certificate will not be functional if your domain points to the server's primary IP address

The wildcard certificate (*.domaine.com) does not work on a WHM/cPanel server. This is a WHM limitation. You have to create a cPanel account for each subdomain requiring an SSL certificate. While the SSL certificate creation, you have to adjust the "Domain field" to match the subdomain name.

  • In order to change the IP address of a domain, please refer to the article: "How can I change a site's IP address through WHM?".
  • If you are using external DNS server, you must first update the external DNS zone with the new dedicated IP address, and wait until your domain resolves to the new IP before changing the IP address in WHM.

Note:

Changing the IP address of an account may result in a short period of inaccessibility for the website. 

Getting a SSL certificate:

  • In order to get a SSL certificate, you need to create a Certificate Signing Request (CSR) and send it to the Certificate Authority.
  • You will then receive the SSL certificate from the authority.
  • After receiving the certificate, you will need to install it on the server.

GENERATING A CSR AND INSTALLING A SSL CERTIFICATE 

Follow this procedure to generate the CSR:

  1. Connect to your WHM interface as root.
  2. Go to the "SSL/TLS" section and click on the "Generate a SSL Certificate and Signing Request" icon to create the CSR.
  3. Type in the requested information for your secured domain.
  4. Click on "Create".
  5. Copy and paste the CSR section "Signing Request" in a text file so you can provide it to the Certificate Authority.

Refer to the following screen captures:

ssl.png

 

ssl2-en.png

 

ssl3.png

 

When the Certificate Authority will provide you the SSL certificate, you will need to install it.

 

Follow this procedure to install the SSL certificate:

  1. Connect to your WHM interface as root.
  2. Go to the "SSL/TLS" section and click on the "Install a SSL Certificate and Setup the Domain" icon in order to install the SSL certificate.
  3. Into the "Domain" box, type in the domain for which the SSL certificate has been created.
  4. Now click anywhere on the window, the empty fields will fill in automatically.
  5. You will need to replace the first section that refers to. crt (-----BEGIN CERTIFICATE-----) by the new CRT (SSL certificate) you have received from the Certificate Authority.
  6. Click on "Submit" to complete the installation.

You can also add the "ca bundle" into the appropriate field if desired.

 

Refer to the following screen captures:

ssl-1-2.png

 

ssl4-en.png

 

ssl5-en.png

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk