Knowledgebase

To install an SSL certificate for your website, you first need a dedicated IP address. Submit a request to have one installed for your web hosting account.

What is an SSL certificate?

An SSL certificate gives your website an extra layer/level of security so that sensitive information is protect (such as credit card details and passwords). As a matter of fact, all on-line stores use SSL certificates to conduct e-commerce activities! To determine whether a website has an SSL certificate, look at the Address Bar in your web browser; you should see "https" instead of "http" at the beginning of the address. The "https" signifies that the URL is secure.

The SSL Certificate Generation process is a four-step process. This tutorial will cover all four parts.

Part 1: Generate a private key for your domain.

The first step in configuring a SSL certificate for your domain is to generate a private "key" for your domain in cPanel. The process is simple but it must be done in order for you to continue.

Step 1: Log into cPanel.

To log into cPanel, you should go to http://www.yourdomain.com/cpanel/ (where www.yourdomain.com is replaced by your account domain name).

Step 2: Locate and click on the SSL Manager link.

This link is normally found towards the bottom of the screen.

Step 3: Click on the Private Keys (KEY) link.

This link is normally the first option available on the screen.

Step 4: Generate Key for your domain

This is an extremely simple procedure. Scroll down to the middle of the page and locate the section entitled Generate a New Key. In this section, select your domain name from the dropdown box pre-filled with (Select a Domain). Press the Generate button and you are done!

You now have a Private Key for your domain and can proceed to Part 2.

Part 2: Generate a CSR

The second step in installing an SSL certificate is to request a certificate from a third-party certificate issuer. The second part of this tutorial describes how to generate a Certificate Signing Request (CSR) in cPanel that is sent to an SSL ceritificate issuer (such as GeoTrust, InstantSSL, or VeriSign).

Which company should I choose for my certificate issuer?

We recommend InstantSSL (http://www.instantssl.com) as an affordable company to purchase your SSL certificate from. Certificates are normally issued within in minutes so the process is smooth and quick.

Note: For the purposes of this tutorial, we will assume that you will be purchasing your certificate from InstantSSL (though the process is similar with other SSL companies).

Follow the steps below to generate the CSR:

Step 1: Log into cPanel.

To log into cPanel, you should go to http://www.yourdomain.com/cpanel/ (where www.yourdomain.com is replaced by your account domain name).

If you are already logged into cPanel, head back to the main screen (usually by clicking Home at the top of the page).

Step 2: Locate and click on the SSL Manager link.

This link is normally found towards the bottom of the screen.

Step 3: Click on the Certificate Signing Requests (CSRs) link.

This is normally the middle link in a set of three available options.

Step 4: Compete the CSR Generation form.

You will be presented with a list of active CSRs (if you have performed these steps in the past to generate a CSR). If you do not have any pending CSRs, you will see the following message:

No SSL CSRs Found

You will also see a form with the heading Generate a New Certificate Signing Request. Complete this form according to the guide below:

Country: In this field, enter the two-character abbreviation of the country of your company. For example, the United States of America would be abbreviated as "US".

State: In this field, put the unabbreviated form of the State of your company/organization. For example, Texas could not be entered here is "TX" but as "Texas".

City: In this field, put your City.

Company: In this field, put the name of your company/organization. If you are single person, you do not have to put anything in this field.

Company Division: In this field, you may put a division related to the activities that this SSL-enabled website will be handling. Examples could be "Online/e-Commerce" or "Web Design/Development".

Email: In this field, put the e-mail address of the administrator of the website. This e-mail address will show if anybody requests information about the certificate when browsing your SSL-enabled website. You can put your own e-mail address here too if you would like to.

Pass Phrase: This is a special field that you should complete with a password for future management of the certificate. Please remember this password and type it carefully.

Step 5: Press the Generate button to generate the CSR.

After you've verified the details in the form and have clicked the Generate button, a CSR will be generated and displayed as well as sent to you by e-mail.

You will see a page with the following heading:

Certificate Signing Request Generated!

This will be followed by a strange field of text similar to the following:

-----BEGIN CERTIFICATE REQUEST-----
MIICFzCCAYACAQAwgZ8xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIEwVUZXhhczETMBEG
A1UEBxMKU3VnYXIgTGFuZDEXMBUGA1UEChMOYnVuZ2VlQ29kZSBsbGMxEDAOBgNV
BAsTB1N1cHBvcnQxGjAYBgNVBAMTEW15ZmFzdHN1cHBvcnQuY29tMSQwIgYJKoZI
hvcNAQkBFhVuaXlvZ2lAYnVuZ2VlY29kZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
gY0AMIGJAoGBANGAOSml+BjE2pXjQEZkq342W6+DkMLW/hp00SOF12oaUUHyvcH6
7B8glY2VfdgXrXMp4zm3DZwlEYNIUwklAHngLl3BKun4y5Mmhd+/xE8c3+X0uNaP
0n7M0Npd+LjbfU45Rx1oNqGNOZTzmrOcqlbdKWm5X6q+AzPae85+jrglAgMBAAGg
NzAWBgkqhkiG9w0BCQcxCRMHamF5YW50aTAdBgkqhkiG9w0BCQIxEBMOYnVuZ2Vl
Q29kZSBsbGMwDQYJKoZIhvcNAQEEBQADgYEAFM4LyeWoY3qGMzpwR0APVnIsUI4o
nF3kGiem7Yw/oRXOrBi7lXs7oR6UVJQN5J/JuCzq6jHq6kE96aJ/vljWpE1CmQ4n
0I+NTPYLb+6jgtNDicos8vWxXb7kTGbipYllm0hGTSxwIGpxSzJgR/zu8hQJatpv
kd1aNWvM7/m1fck=
-----END CERTIFICATE REQUEST-----


Save this in a text file on your computer with the name csr.txt as you will need it in Part 3 when you you request a SSL certificate with the CSR.

Part 3: Request the SSL Certificate

Now that you have the CSR, you can request an SSL Certificate from InstantSSL (http://www.instantssl.com)

Visit the InstantSSL website and purchase an SSL certificate (usually $49/year) and wait for the certificate to be sent to you by e-mail.

For validation/verification purposes, SSL issuers may ask for proof of personal or corporate identity before issuing the certificate.

Part 4: Install the SSL Certificate

By now, you should have been issued a certificate for your domain. This file is usually in the format yourdomain.com.crt. Now you should install it on your domain.

Step 1: Log into cPanel.

To log into cPanel, you should go to http://www.yourdomain.com/cpanel/ (where www.yourdomain.com is replaced by your account domain name).

If you are already logged into cPanel, head back to the main screen (usually by clicking Home at the top of the page).

Step 2: Locate and click on the SSL Manager link.

This link is normally found towards the bottom of the screen.

Step 3: Click on the Certificates (CRT) link.

This is normally the last link in a set of three available options.

Step 4: Cut and paste text from your issued certificate file (or upload crt file).

The crt file issued to you by InstantSSL (or your preferred SSL certificate issuer) is really a text file that can be opened by Notepad. Therefore, open the file in notepad and cut and paste the contents into the large textbox with the heading Paste the crt below:.

You may also just select the crt file by pressing the Browse... button underneath the textbox and selecting the certificate from your locate computer.

Step 5: Press the Upload button to generate the certificate.

You're done! If you navigate to https://yourdomain.com/ , you're website will show up and also be secure!