Search our site for answers
Help Docs Security Overview SSL Certificates Guide Order an SSL Certificate

Order an SSL Certificate

SSL certificates secure web traffic with public key encryption. Verify website legitimacy with SSL. This article focuses on ordering SSL certificates.
Domain
6 min read

Introduction

Securing your website with an SSL Certificate is a standard requirement for protecting user data and building trust. If you are new to the concepts of encryption and https, we recommend starting with our overview: What is an SSL Certificate?

Ordering the certificate is the central step in the process, but it is part of a specific workflow. To successfully secure your site, you will follow these four stages:

  1. Preparation: You must first Generate a Certificate Signing Request (CSR) on your server.
  2. Ordering: (This Guide) Use the CSR to purchase the specific certificate type you need.
  3. Validation: After ordering, you must Verify your SSL Certificate to prove you own the domain.
  4. Completion: Once issued, you will Install the SSL on your server to finalize the security.

This guide walks you through Step 2: selecting the right plan and submitting your order via your Liquid Web account.

Prerequisites

Step-by-Step Instructions

Accessing the SSL Ordering Panel

  1. Log into your my.liquidweb.com account with your username and password, or sign in with Google SSO.
  2. Click on the Domains dropdown on the left-hand navigation menu, then select SSL.
  3. Click the Order a certificate button.

You are now ready to select your ordering method.

Manual Method

  1. Select Manual at the top of the ordering screen.
  2. Paste your Certificate Signing Request (CSR) into the provided form field.
  3. Click the Order certificate button at the bottom right to finalize the order.

Automated via WHM/cPanel

The following method automates the creation of a CSR, saving you a step if your server uses WHM/cPanel.

  1. Select the Automated with WHM/cPanel button at the top of the ordering screen.
  2. Choose the appropriate WHM server from the Server dropdown menu.
Active API Token Required for Automation
To use the Automated via WHM/cPanel ordering method, you must have an active API Token for WHM Remote Access configured on your server. If this token is not set up, the automated CSR generation and installation will fail. For step-by-step instructions on creating this token, please refer to our guide: API Tokens for Remote Access in WHM.

  1. Select the desired domain from the Domain dropdown menu.
  2. Select the type of verification method desired.
Choosing Your Verification Method: DNS vs. Meta Tag
Wondering which verification method to use? It usually comes down to what level of access you have and how permanent you need the solution to be:
  • DNS Record (Most Reliable): You’ll add a TXT record to your domain DNS Zone. (This could be located here, or at another DNS provider, such as: GoDaddy or Cloudflare). This proves ownership at the domain level. It’s the best long-term solution because your verification will stay intact even if you redesign your website.
  • Meta Tag (Fastest Setup): You’ll paste a snippet of HTML directly into your website’s <head> code. This is perfect if you only have access to your website’s admin panel (like WordPress) and need to get verified instantly without messing with DNS settings. The downside is that if you ever change your site’s theme or accidentally delete the code, your verification will break.

  1. Switch the Renewal toggle off if you do not want the SSL to auto-renew 45 days before the expiration for the same duration as this initial order.
  2. Check the Wildcard checkbox if you want to order a wildcard certificate.
Securing Multiple Subdomains: The Wildcard Certificate
If your website uses several subdomains (like shop.yourdomain.com, blog.yourdomain.com, and mail.yourdomain.com), managing individual SSL certificates for each one can quickly become expensive and time-consuming. This is where a Wildcard Certificate comes in handy:
  • How it Works: By using an asterisk in the certificate’s domain name (e.g., *.yourdomain.com), a single Wildcard SSL secures your primary domain and an unlimited number of its first-level subdomains.
  • The Benefit: It saves you money and simplifies server management since you only have to purchase, install, and renew one single certificate instead of juggling dozens of them.
  • The Catch: It only covers one level of subdomains. For example, *.yourdomain.com will protect dev.yourdomain.com, but it will not protect app.dev.yourdomain.com (that would require a separate certificate).

  1. Fill out the contact information that will appear on the certificate.
  2. Click Order certificate to finalize the order.

Next Steps

Now that you have successfully submitted your SSL certificate order, your website is not quite secure yet. You must complete the final two stages of the SSL workflow to activate your encryption:

  • Verify your SSL Certificate: Prove domain ownership to the Certificate Authority using the validation method you selected during the ordering process (DNS or Meta Tag).
  • Install the SSL on your server: Once the Certificate Authority verifies your domain and issues the certificate, you will need to install the provided files onto your server to finalize your security setup.

Frequently Asked Questions (FAQ)

Yes, a Certificate Signing Request (CSR) is required to purchase an SSL. However, if you are using a WHM/cPanel server, you can select the “Automated with WHM/cPanel” option during checkout, and the system will generate the CSR for you. If you aren’t using WHM/cPanel, you will need to generate the CSR manually on your server first.

The DNS Record method is always recommended, particularly if you manage your domain using Liquid Web’s provided DNS (though it also works perfectly if you have access to a third-party registrar like GoDaddy or Cloudflare). It is highly reliable and won’t break if you update your website’s design. The Meta Tag method is a great alternative if you only have access to your website’s dashboard (like WordPress) and need a fast setup, but keep in mind that the verification will fail if you ever accidentally delete the HTML code or change your site’s theme.

It covers your primary domain and an unlimited number of first-level subdomains (such as shop.yourdomain.com or blog.yourdomain.com). It will not cover multi-level subdomains (such as app.dev.yourdomain.com).

Not unless you want to! During the ordering process, the Renewal toggle is turned on by default. This ensures your SSL will automatically renew 45 days before its expiration date so you don’t experience any lapse in security. You can toggle this off if you prefer to handle renewals manually.

Not quite yet! Ordering is only step two of a four-step process. To finalize your security, you still need to verify your domain ownership and then actually install the issued SSL files onto your server.

Was this article helpful?