The latest cPanel 11.38 release comes with a new SSL/TLS Manager which is available to cPanel users when enabled in WHM. This manager gives you the ability to generate, view, or upload, private keys, Certificate Signing Requests (CSR), and certificates (CTR), and also allows the ability to activate an SSL certificate on your web site.
Enable SSL/TLS Manager in WHM for cPanel users
Before using the SSL/TLS Manager as a cPanel user, it first needs to be enabled in WHM’s Tweak Settings option.
Step 2 : In the top-left find box, type in tweak, then click on Tweak Settings
Step 3 : Type Allow cPanel in the top-right find box, then fill in On beside Allow cPanel users to install SSL Hosts if they have a dedicated IP, then clickSave
You should see WHM Updating tweak settings… and then when it completes it will say Done at the bottom.
Using the cPanel SSL/TLS Manager
Once you have the cPanel SLL/TLS Manager enabled in WHM, you can access it when logged into cPanel.
Step 1 : Login to cPanel
Step 2 : Under the Security section, click on SSL/TLS Manager
Generate Private Keys
Before generating anything else, we need to generate some Private Keys, these are used to decrypt information transmitted over an SSL connection. You need a separate Private Key for each SSL certificate you wish to use.
Step 1 : Access the cPanel SSL/TLS Manager, Click on Generate, view, upload, or delete your private keys
Step 2 : http://cdn.inmotionhosting.com/support/images/stories/cpanel/ssl-tls-manager/cpanel-create-new-private-key-click-generate.png
Step 3 : Now with your Private Key generated, click on Return to Private Keys
You should see the key you created listed
Step 4 : If you already have a Private Key not on the server, then under theUpload a New Private Key section, you can either paste in your key and click on Save, or you can click on Choose File to browse your computer for the key, and then click Upload
After you’ve already generated or uploaded your Private Key so it exists on the server, click on Return to SSL Manager
Generate CSR
Before getting an SSL certificate for your website, you need to generate a Certificate Signing Request (CSR). This request will include your domain name and company, as well as information specific to the server you’re hosting on.
Step 1 : Access the cPanel SSL/TLS Manager, Click on Generate, view, or delete SSL certificate signing requests
Step 2 : Fill out all of the fields for your CSR, then click Generate
Step 3 : You should now see the generated CSR, you can click in the text-box and then hit Ctrl-A to select all the text, and then Ctrl-C to copy it.
Step 4 : Now you need to take this CSR text generated from the cPanel server, and when you are purchasing a SSL certificate, the Certificate Authority that you buy it from will need to be supplied with it.
When asked the server type your CSR was generated on, you’d want to select RedHat Linux.
Generate a self-signed SSL certificate
If you just need your website data encrypted, and are not worried about web-browser warnings you can generate a self-signed SSL certificate for free.
When you access a self-signed SSL website from your web-browser, you will get an self signed SSL warning such as this one in Google Chrome. You can simply safely click on Proceed anyway to still get to the website.
When you’re on your website if you click on the SSL padlock icon, you can see the reason we got a warning is because the website’s identity has not been verified. This is because we used a self-signed SSL certificate and it wasn’t verified by a 3rd party certificate authority
Step 1 : Access the cPanel SSL/TLS Manager
Click on Generate, view, upload, or delete SSL certificates
Step 2 : Scroll down to the Generate a New Certificate section and fill out all of the details for your self-signed SSL certificate, click Generate
Step 3 : On the next page, click in the Encoded Certificate text-box, then hitCtrl-A to select all the text, and then Ctrl-C to copy it.
Install 3rd party SSL certificate
If you sent off your CSR to a certificate authority, you should have gotten back a matching SSL certifcate that you can now go back and install on the server to use for your website.
Step 1 : Access the cPanel SSL/TLS Manager
Click on Generate, view, upload, or delete SSL certificates
Step 2 : Now either paste your certificate info into the Paste your certificate below box and click Save Certificate
Or click Choose File to browse your local computer for the certificate file and click on Upload Certificate
Activate SSL certificate on web site
Now that you’ve generated a private key, generated a CSR, and installed a SSL on your account, you should be ready to activate that SSL certificate for your website.
Step 1 : Access the cPanel SSL/TLS Manager
Click on Setup an SSL certificate to work with your site
Step 2 : From the Domain drop-down, select the domain you’re installing your SSL certificate on, and then click Autofill by Domain
Step 3 : In this case you can see it’s warning us that the Issuer is self-signedwhich is fine. If you actually installed a 3rd party verified certificate you shouldn’t see this warning.
Click on Install Certificate
Step 4 : You should see a pop-up saying the SSL was successfully configured, then just click OK
You should hopefully now understand how to use the cPanel SSL/TLS Manager to either generate a CSR or get a SSL certificate installed on your website.