SSL Certificate and cPanel

This web hosting tutorial describes what an SSL certificate is, why you need an SSL certificate on your website & how to install an SSL certificate in cPanel.

What is an SSL certificate?

As engineers, we often work with businesses to manage their infrastructure.

Part of this process is making sure that every aspect of the system that we manage is optimized and secured.

One the question we are often asked by customers running their website/application without any kind of encryption is, "so what does SSL certificate mean and why do I need it?".

This seem to be the right question to tackle as we try to understand how to install an SSL certificate in cPanel.

It all started with HTTP,

HTTP ... a protocol designed in the early 1990s defines how messages are formatted and transmitted and was built on top of TCP.

 

TCP (developed under the sponsorship of the Department of Defense and designed in the 1970s by two DARPA scientists Vint Cerf and Bob Kahn) stands for Transmission Control Protocol and it is the commonly used protocol on the Internet.

When you load a web page, your computer sends TCP packets to the web server’s address, asking it to send the web page to you.

A web server responds by sending a stream of TCP packets which your web browser stitches together to form the web page and display to you.

The recipient sends messages back to the sender saying it received the messages.

TCP guarantees the recipient will receive the packets in order by numbering them.

If the sender does not get a correct response, it will resend the packets to ensure the recipient received them.

But TCP wasn't really built with security mind as it was used by only a few institutions at the early stage of its existence.

The Whole Internet In 1973

Internet in 1973

Back then, the World Wide Web (known as the ARPANET) consisted of just 42 computer hosts connected to 36 nodes spread across the United States.

This means it was built to be used by those who trusted each other.

 

But as the internet grows and well ... it become what it is today, it was realized that there were a number of serious security flaws inherent in the protocol regardless of the correctness of any implementations.

So an intermediate layer called SSL was put between TCP and HTTP and this is commonly referred to as HTTPS.

SSL gets HTTP messages, encrypts them, sends them over TCP and decrypts them again at the other end.

HTTPS URLs begin with "https://" and use port 443 by default, whereas HTTP URLs begin with "http://" and use port 80 by default.

SSL digital certificates are used by client systems to make authenticated requests to a remote server.

It plays a key role during the SSL handshake and provide strong assurances of the requester's identity.

It also encrypts the data between the web server and a browser so that credit card transactions, social security numbers, legal documents and contracts, usernames, passwords, emails, etc that are being transmitted cannot be eavesdropped on by non-authorized parties.

Why do you need an SSL certificate?

Security & Protection

SSL session via HTTPS not only encrypts all message contents, including the HTTP headers and the request/response data, it also provides authentication.

Server must have a certificate signed by a well known certification authority (CA) that proves its identity.

Without authentication, encryption is useless as an attacker using what is called a man-in-the-middle (MITM) attack could trick you into thinking that his, is the server you want to connect to.

You often will see this when someone creates a fake webpage and once you visits it, the website will force-download something malicious (malware, virus, etc) onto your computer.

To be fully protected though, a website must be completely hosted over HTTPS, without having part of its contents loaded over HTTP.

So if you have only a certain page that contains sensitive information (such as a log-in page) of a website loaded over HTTPS, while the rest of the website loads over plain HTTP, the data being passed and the session is still exposed and will be vulnerable to attacks.

Better Google SEO ranking.

It is true that there are several factors that determine how much search engines love your website.

These will include your site speed, mobile-friendliness and others.

The faster your website, the more people will visit and the higher you’ll appear in search results.

That is why it is important to always host your website with a modern web host that have optimized its hosting platform for speed as 2cPanel.

But Google recently updated its search engine ranking algorithm to include a preference for secure websites too.

This means that if you want to get a better search (SEO) rank position, you must also show that your website is secure by installing an SSL certificate on your website.

Strengthens your brand identity

Years back, only few web engineers truly appreciate the need for encryption.

More-so only few website owners actually recognize the need for such security or know about SSL certificates.

The world has changed a lot since those days as each new day brings with it another case of massive breach in both government and business sectors.

Online users are now wiser and more discerning to what kind of website they do business with.

Having an SSL certificate on your website helps you establish trust and online security for your website visitors and business.

Without an SSL certificate, 97% of users to your website will probably not do business with you.

How does visitors know that my site has an SSL certificate?

Well, there always be these two first clues (the last two are optional):

  • a padlock to the left of a URL.
  • https URL prefix instead of http
  • a green address bar (if it is an EV SSL certificate)
  • a trust seal (if installed)

PCI Compliance

In order to accept credit card information on your website, you must pass certain audits that show that you are complying with the Payment Card Industry (PCI) standards.

One of its requirements is the use of an SSL Certificate on your systems.

How to get an SSL certificate.

You can head to this page now and purchase a low-cost SSL certificate within minutes.

2cPanel not only combine the best of everything that a web hosting company has to offer: un-matched award-winning support, super-fast website hosting, cloud cPanel control panel, but we also offer a suite of certificates to meet every need.

Starting with our Universal SSL that ensure that each account on our server (no matter what region it is being hosted on) is secure from the start, we also offer cheap, easily-affordable SSL certificates to customers that might need private SSL.

So, hosting with us means that you will get a free SSL certificate for each website or application.

How to install SSL certificate in cPanel.

AutoInstall SSL

AutoInstall SSL a revolutionary technology solution that simplifies the entire SSL certificate enrollment and installation procedures needed to successfully secure a website.

It works with various SSL certificate brands/types and incorporates their specific life cycle processes while seamlessly working with our web hosting control panel.

AutoInstall SSL seamlessly handles every step required for your SSL certificate installation such as CSR generation, validation, installation, reissue automatically with minimal human intervention.

AutoInstall SSL works with a simple token.

That’s right!

Token!

Every certificate that is sold comes with one unique, identifying number called the Token.

This Token is the key to harnessing the power of AutoInstall SSL.

Once you as the customer has purchased an SSL certificate, you will obtain your “Token” for the order.

And all you need to do is to input this token into our AutoInstall SSL interface in cPanel.

Voila!

The system will automatically generates the CSR, validates the domain, installs the certificate, and verify that the installation is complete without you needing to do anything else.

To start, simply login to our billing system as an existing customer.

Hover your mouse over the "Services" tab on the top-left side of the window.

2cPanel SSL Certificate

You can also visit 2cPanel Shopping Cart or our SSL certificate page to see all available SSL certificates that you can purchase.

Just select the one you need and follow the prompts to complete the order.

If you are unsure what to use, use the live chat tool below and chat wit one of our Sales representatives.

Once you click on "Complete Order", you will receive an automated email with the token.

This number is used during the AutoInstal SSL to identify the specific certificate you need to install.

You can also find your token when you access the billing or customer dashboard by visiting "My Orders" => "View Details".

2cPanel AutoInstall Token

It will be listed at the bottom of the page.

Now that you have your token, login to your cPanel control panel.

Scroll down to the "Security" section and click on the "AutoInstal SSL" icon.

2cPanel AutoInstall

Enter your token on the next page and then, select the domain or webspace for the SSL certificate and click "Verify Token".

2cPanel AutoInstall Token

On the next screen enter your CSR Details, Admin and Technical contact information.

Click on "Activate & Install SSL Certificate".

This will start the automatic installation process of your SSL certificate and you will see in real-time each step of the process.

The AutoInstall SSL installation process varies in time, as it is largely dependent on the API response time of the Certificate Authority (CA).

In our experience, both RapidSSL and Comodo certs typically take around one minute to install, while the more premium brands like Symantec, Thawte, and GeoTrust, can take around 5 minutes to install.

While response times can very, it typically takes just minutes and is significantly quicker than performing manual installation and generating the CSR yourself.

If there is an error, the process will pause and you will be directed to the cause of the issue and its solution.

Once the process has been completed and your SSL certificate installed, just visit your website and you will see that it is now running under "HTTPS".

Does AutoInstall SSL work with OV/EV certificates?

AutoInstall SSLTM works with both OV and EV certificates, but you must go through the validation process before installation can be complete.

If you have not completed the full validation process for these certificates and attempt to use AutoInstall SSL, the process will pause during the installation process and you will be informed which validation step(s) you have yet to complete.

How do I secure my subdomain(s)?

To secure your subdomain(s) along with your main domain, you will need to purchase a Wildcard certificate.

Fortunately, these can be installed via AutoInstall SSL and the process is mostly the same.

Once you have purchased your Wildcard certificate and have gotten your Token, you can login to your cPanel hosting control panel.

Click on the AutoInstall SSL icon, and insert the Token.

Once this is done, the Domain/webspace bar will appear, and under it will be a button that reads, “Retrieve Sub-Domains”.

Once you click on “Retrieve Sub-Domains” button, a list of all of the subdomains associated with that domain will appear.

You then have the option to select all of your subdomains or pick and choose which ones you want to secure.

Can I use AutoInstall SSLTM to renew my SSL certificate(s)?

Yes, you can use AutoInstall SSLTM to renew an SSL certificate.

Technically, renewing an SSL certificate is the same as buying a new certificate.

So, if you have an active certificate you wish to renew, you can go through the purchasing process using AutoInstall SSL and our system will recognize the purchase as a renewal.

Purchase SSL Certificate via cPanel

Customers can also login to cPanel, scroll down to Security, then select SSL/TLS Wizard to purchase Comodo/Sectigo SSL certificates through this interface.

The SSL/TLS Wizard interface allows you to easily purchase and install SSL certificates for domains on your account.

The beauty of it is that you also do not need to do anything as cPanel does everything for you.

It also lists purchased certificates that an SSL certificate provider has yet to deliver.

Please note that you must possess a cPanelID user account in order to purchase SSL certificates through this interface.

cPanelID is the username and password combination for the cPanel Store, the cPanel Ticket system.

To start, simply login to our billing system as an existing customer.

Hover your mouse over the "Services" tab on the top-left side of the window.

2cPanel SSL Certificate

You can also visit 2cPanel Shopping Cart or our SSL certificate page to see all available SSL certificates that you can purchase.

Just select the one you need and follow the prompts to complete the order.

If you are unsure what to use, use the live chat tool below and chat with one of our Sales representatives.

To purchase a certificate or certificates for domains on your account, perform the following steps:

  • Log in to cPanel.
  • Scroll down to the "Security" section of your control panel.
  • Select the "SSL/TLS Wizard" option.
  • When the page loads, select the checkbox next to each domain name that you wish to secure with a certificate. Use the pagination, search, and filter controls to navigate through the table.

    Your server will attempt a Domain Control Validation (DCV) check of each domain that you select, but will not allow you to purchase a domain for a website if the list contains a domain with an IP address that does not resolve to your server.

  • Click Done to continue.
  • Click Continue to display a list of certificates that are available for purchase.
  • Select the desired certificate.

    The interface lists any domain and certificate selection issues that it detects. You must resolve red critical warnings.

    We strongly recommend that you resolve yellow alerts. After you resolve the critical issues, the interface will display your domain and certificate selections for confirmation.
  • To edit the domain list or select a different certificate, click the appropriate green edit button and make your changes.

    If you selected an EV or OV certificate in the previous step, a new tab will appear, in which you must enter information about your organization. The certificate authority (CA) will use this information to validate your organization.

  • Click Check Out to proceed to the cPanel Store.

  • Now log in to the cPanel Store with your cPanelID account.

    Your cPanel server will upload your shopping cart to the cPanel Store, and your browser will redirect you to the cPanel Store interface.

  • Confirm your payment information, or make any necessary changes.
  • Click Pay Now to confirm that you wish to purchase the certificates, or click Cancel Transaction to cancel the transaction. The cPanel Store will process your purchase, and your browser will redirect you to the SSL/TLS Wizard interface.
  • Click View Pending Certificates to display a list of certificates that you have purchased. The cPanel Store will automatically send you a copy of the certificate.

If you have opted to buy Organization Validated (OV) certificates and Extended Validation (EV) certificates, the validation process takes between three and 30 days.

The certificate issuer requires this time to validate the information about your business.

EV certificates need more time to issue than OV certificates due to more stringent requirements.

If the cPanel Store fails to redirect you back to this interface, the the certificate has to be installed manually.

Just let our team know and we will take care of this for you.

 

But if you are feeling adventurous or have done this before and want to do this on your own, then:

Log in to cPanel and scroll down to Security >> SSL/TLS.

Use the form in the Install an SSL Website section to install a certificate.

There are three different methods you can use to install a certificate:

  1. Click Browse Certificates.
  2. Search by domain.
  3. Manually enter the information.

To use Browse Certificates to install a certificate, perform the following steps:

  • Click Browse Certificates.
  • Click the button that corresponds to the desired certificate.
  • Click Use Certificate to return to the Install an SSL Host section. The certificate's information will appear in the text boxes.
  • Enter the appropriate information in the Certificate Authority Bundle: (CABUNDLE) text box.
  • Click Install Certificate. A success or failure message will appear.

To search by domain to install a certificate, perform the following steps:

  • Select the desired domain in the Domain menu.
  • Click Autofill by Domain.

    The interface will attempt to retrieve and enter the certificate information.

    • If this step succeeds, the available text boxes will contain the appropriate information.
    • If this step does not succeed, the text boxes will remain empty.

  • Click Install Certificate. A success or failure message will appear.

To manually enter the information to install a certificate, perform the following steps:

  • Select the desired domain in the Domain menu.
  • Enter the certificate information in the Certificate (CRT) text box.
  • Enter the private key information in the Private Key (KEY) text box.
  • Enter the certificate authority information in the Certificate Authority Bundle (CABUNDLE) text box.
  • Click Install Certificate. A success or failure message will appear.

That is how to purchase and install an SSL certificate in cPanel, folks!

If you have any questions on this or have seen an error in our little write-up, please contact us via chat on our website or at support@cpanelcontrolpanel.com