Installing an SSL Certificate in cPanel
Installing your cPanel SSL Certificate
The following instructions are for cPanel 11. If you have a different version of cPanel, you will go through a similar process but you may need to ask your web host for specific instructions.
- Download your Intermediate and Primary Certificate files from your provider to the directory where you will keep your certificate and key files.
- Login to your cPanel control panel.
- Find and click on SSL/TLS Manager.
- Click on Generate, view, upload, or delete SSL certificates.
- Under the Upload a New Certificate section, click on the Browse button and find your Primary Certificate (yourdomain.crt) that you downloaded in the first step. Or if you have copied the contents of your primary certificate from the email, paste it in the box labeled: “Paste the crt below”. To access the text version of your certificate, open it with a text editor. When copying and pasting your certificate, include the BEGIN and END tags.
- Click the Upload button.
- Click Go Back and click Return to SSL Manager at the bottom of the page.
- Click on Setup a SSL certificate to work with your site. If this option is not available, your web host may have disabled it. You will need to contact them about how to install the Intermediate certificate.
- Select the domain you are using from the Domain drop down menu. The system will attempt to “Fetch” the SSL Certificate and private key for you. If this doesn’t work, you may need to contact your web host.
- In the box labeled Ca Bundle paste the contents of the Intermediate certificate (gd_bundle.crt).
- Click Install Certificate. Your SSL certificate should now be installed, and the website configured to accept secure connections. You or your web host may need to restart Apache before it will work.
Troubleshooting:
- If your web site is publicly accessible, our SSL Certificate Tester tool can help you diagnose common problems.
- Open a web browser and visit your site using https. It is best to test with both Internet Explorer as well as Firefox, because Firefox will give you a warning if your intermediate certificate is not installed. You should not receive any browser warnings or errors.
Manual Intermediate Certificate Installation
If the Intermediate certificate was not correctly installed using the above instructions you may need to install it directly in Apache. If you do not have access to the Apache configuration files you will need to have your web host or administrator follow these instructions to install the Intermediate certificate:
- Locate the Virtual Host File:
On most Apache servers the Virtual Sites are configured in the /etc/httpd/conf/httpd.conf file. However, the location and name of this file can vary from server to server — Especially if you use a special interface to manage your server configuration. Another common name for the file is ‘SSL.conf’. If you open the file with a text editor, you will see the configurations for the virtual hosts that are housed on the server. The virtual host configurations are probably found near the end of the file. - Identify the secure Virtual Host for your site:
Locate the Virtual host configuration for the site you are securing. It will have the proper name and IP address (including port 443). - Configure the Virtual Host For SSL:
cPanel has already setup the first three SSL configuration lines for you. Now you will edit your Virtual Host configuration by adding the ‘SSLCertificateChainFile’ line below (this line is bolded).<VirtualHost 192.168.0.1:443>
DocumentRoot /var/www/html2
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/gdcert.crt
</VirtualHost>Of course, the path and names of your certificate files may be different. When typing the path for your SSLCACertificateFile, type the path and filename you plan to use when saving your intermediate certificate. It is generally advised to save your intermediate certificate in the same directory that cPanel already saved your primary certificate to.
- Save the changes to your configuration file.
- Save the Intermediate Certificate file to the Server:
Verify that the Intermediate Certificate file (gdcert.crt) is saved to the path you configured above. - Restart Apache.