This article explains how to install an SSL certificate for your domain using cPanel.

The SSL/TLS Manager in cPanel allows you to generate SSL certificates, certificate signing requests (CSRs), and private keys. These components work together to enable SSL, which secures your website by encrypting data transmitted between your site and its visitors. This ensures that sensitive information—such as login credentials, credit card details, and personal data—is transmitted securely instead of in plain text. It is especially important to secure your site's login areas, checkout pages, and any other sections where confidential information is exchanged. Many merchants and banks require SSL as part of their PCI compliance obligations.

When installing an SSL certificate, you need three parts:

  • Private key (KEY) — identifies your server

  • Certificate (CRT) — verifies your domain

  • Certificate Authority Bundle (CABUNDLE) — intermediate certificates that link your SSL certificate to a trusted authority

For new SSL certificates, you also need the fourth part:

  • Certificate Signing Request (CSR) — Contains information about your organisation and domain name. It is used by the Certificate Authority (CA) to issue the SSL certificate.

Tip: You can generate a new private key at the same time as creating your CSR (Certificate Signing Request) — no need to follow Step 2 unless you want to import an existing key or manually generate a new key.

Step 1: Log in to cPanel

Enter your hosting control panel (cPanel) and navigate to the SSL/TLS page under the Security category.

Step 2: Generate or Upload a Private Key

Option A – Generate a new key

  1. In cPanel, go to Security → SSL/TLS → Private Keys (KEY).

  2. Click Generate and select RSA, 2,048-bit (recommended).

  3. Click Generate and cPanel will store the new private key.

Skip this step if you plan to generate the key when creating the CSR (explained in Step 3).

Option B – Upload an existing private key

  1. Go to Security → SSL/TLS → Private Keys (KEY).

  2. At the bottom of the page, paste your existing private key into the text box or upload the .key file.

  3. Click Save.

Step 3: Generate a Certificate Signing Request (CSR)

  1. In cPanel, go to Security → SSL/TLS → Certificate Signing Requests (CSR).

  2. Under Generate a New Certificate Signing Request, select either:

    • An existing key from the Key drop-down (if you uploaded or generated one earlier), or

    • Generate a new “RSA, 2,048-bit” key to automatically create a private key.

  3. Fill in your details:

    • Domains — enter your domain (e.g., example.com and/or www.example.com).

    • City, State, Country — location of your business or organisation.

    • Company — full legal name, or your own name if personal.

    • Company Division — optional.

    • Email — your contact email.

  4. Click Generate.

  5. Copy the CSR text — you’ll need it for the next step.

Step 4: Request Your SSL Certificate

Send the CSR to the company you bought your SSL certificate from — this is called a Certificate Authority (CA). Examples of CAs include Sectigo, DigiCert, GeoTrust, and others.

  • The CA uses your CSR to create your SSL certificate files.

  • They may send you:

    • Certificate (CRT) file

    • CA bundle file (sometimes included in the CRT)

If you've purchased an SSL certificate from us which requires manual configuration, you should have received an email with a link where you can setup the SSL certificate and where the CSR will be required. Follow the necessary steps and wait for the SSL certificate to be issued. Once you receive the SSL certificate files, it is then necessary to apply Method C in the next step.

Step 5: Install the SSL Certificate

  1. In cPanel, go to Security → SSL/TLS → Manage SSL Sites.

  2. Under Install an SSL Website, choose one method:

Method A – Autofill by Domain

  • Select your domain from the Domain drop-down.

  • Click Autofill by Domain — cPanel will try to locate your certificate and key automatically.

  • Paste the CA bundle if it’s not auto-filled.

  • Click Install Certificate.

Method B – Browse Certificates

  • Click Browse Certificates and select the one you want.

  • Click Use Certificate — fields will auto-fill.

  • Paste the CA bundle if needed.

  • Click Install Certificate.

Method C – Manual Entry

  • Select your domain.

  • Paste the Certificate (CRT) in the first box.

  • Paste the Private Key (KEY) in the second box.

  • Paste the CA bundle in the third box (optional if the server can fetch it automatically).

  • Click Install Certificate.

Step 6: Verify the Installation

After installing, visit your site using https:// and check for the padlock icon in your browser. You may need to clear your browser cache and restart your browser.
You can also test your SSL at SSL Labs (Qualys SSL Test).

Optional: Use AutoSSL

If your hosting plan includes AutoSSL, you can enable it in cPanel → SSL/TLS Status to automatically install and renew free SSL certificates.

Updated by SP on 15/08/2025

Was this answer helpful? 265 Users Found This Useful (268 Votes)

Most Popular Articles

Introduction to AutoSSL

Maxer Host are making it easier than ever to secure your website with HTTPS. We have introduced...
Check SSL certificate status for your domains

Is there a valid and signed SSL certificate on your website? Maxer Host recommends all websites...
Allowing AutoSSL installer access to a website with directory privacy / password protection

Update: In the meantime, cPanel has added the DNS DCV (Domain Control Validation) validation...
How to enable HSTS (HTTP Strict Transport Security) on your website

HSTS (HTTP Strict Transport Security) is a web security policy that aims to protect websites...
Enabling HTTPS on a WordPress website

Nowadays every website should have an SSL certificate. Ideally, every website should be 100%...