Introduction

Securing your website with an SSL certificate is a multi-step process. Before you can install the certificate in cPanel, you must first complete the validation and issuance steps.

Prerequisites

A server with WHM/cPanel, along with root access.
A domain configured in WHM.
An SSL certificate associated with the domain, including the Private key and Certificate Signing Request.

Generate the CSR on the server

If the CSR was generated on this server, you should already have the Private Key installed. For help, follow the link found below.

If you do not currently have an SSL, please ensure you have completed the following steps before proceeding with this guide:

Generating an SSL Certificate Signing Request (CSR) in cPanel
- You must generate a CSR on the server where the site is hosted.
Ordering an SSL Certificate
- Purchase the certificate using the CSR you generated.
Verifying an SSL Certificate
- Complete the domain validation process to have the certificate authority issue your files.

Once you have received your certificate files (usually a .crt and a CA Bundle), follow the steps below to install them in cPanel and secure your site.

Step-by-Step Instructions

Log into WHM.
In the left navigation, click on Install an SSL Certificate on a Domain in the SSL/TLS section. You can also search for “SSL.”
Type in the Domain for which you have purchased the SSL. The IP address will automatically populate based on the domain.
Paste the whole X509 certificate into the Certificate field.
Copy and paste the whole private key from your CSR into the Private Key field.
Click Install. The Certificate Authority Bundle will auto-populate.
You’ve successfully installed an SSL certificate on your domain!

Next Steps

Run your domain name through our SSL checker to ensure you installed everything correctly.
Force visitors to the secured version of the site using various methods, including plugins, or the apache htaccess file.

Frequently Asked Questions (FAQ)

The Private Key was created on your server at the same time you generated your CSR. If you created the CSR in cPanel, the key is saved in the SSL/TLS menu under “Private Keys (KEY).” If you have lost the Private Key, you cannot install the certificate; you must generate a new CSR and reissue the SSL.

In most versions of WHM/cPanel, this field will auto-populate after you paste your Certificate (CRT). If it does not, you can locate the CA Bundle in your Liquid Web account dashboard (or the email from the certificate provider) and paste it manually.

Installing the certificate enables HTTPS, but it does not automatically force visitors to use it. You must configure a redirect to send all traffic from http:// to https://. See our guide on Redirecting URLs Using htaccess. You should also check your site for “mixed content” (images or scripts loading over HTTP). If you are using WordPress, there are plugins that grant this functionality.

No. Modern servers support SNI (Server Name Indication), which allows multiple SSL certificates to exist on a single shared IP address.

You can, but it is not necessary. WHM has a included Let’s Encrypt as a provider in the built-in “AutoSSL” feature that automates the entire process (CSR, validation, and installation) for you. This manual guide is best for paid, Organization Validated (OV), or Extended Validation (EV) certificates.

Click here to learn how to setup Let’s Encrypt in WHM.

Yes. When installing a Wildcard SSL, simply enter the domain with the asterisk (e.g., *.example.com) in the Domain field. The rest of the steps remain the same.

Was this article helpful?

Thank you for your input.

Thank you for your feedback.