Having a Secure Socket Layer (SSL) certificate on your site will provide an extra security layer to it. The SSL certificate will enable encryption of data transfer between the users and your server which is especially important when your site is processing sensitive data such as user login credentials, personal data, and credit cards number.
On top of that, with SSL certificate your site can have a chance to rank better on Google SERP, avoid “Not Secure” mark in Google Chrome and other browser since your site would be able to load from the HTTPS protocol, leverage HTTP/2 which requires the use of HTTPS, and protect the site for other type of malicious actions such as code injection from your ISP.
Given all these benefits, installing SSL certificate and loading your site with HTTPS should not be ignored. So, in this tutorial, we’ll show you how to deploy an SSL certificate to your site running with Apache and cPanel. We will start by obtaining an SSL certificate from an authority vendor, then installing and verifying installation. Let’s get started.
Shortcuts to sections:
- Purchase SSL Cert
- Generate CSR
- Activate SSL Cert
- Validate SSL Cert
- Download SSL Cert
- Install SSL Cert
- Test SSL Cert Installation
How to Deploy SSL & HTTPS in WordPress for Free
Deploying SSL will provide several advantages to your website. Aside from improving website security, SSL would also help... Read more
1. Purchase SSL Certificate
In order to set up the SSL certificate for your website, you first need to purchase it. You can do so by following the steps below.
- Sign up for a namecheap.com account or sign in if you already have one.
- Once you sign in, hover on the Security tab on the top right corner, and click SSL Certificates.
- Explore the available SSL certificate options. You can learn more about each option or compare them with eachother to decide which one would suit you. Once you decide which option to go for, click Buy Now.
- Proceed to buying your SSL certificate by clicking the Confirm Order, then click Pay Now on the next page to pay for the certificate.
- Once that is done, you will be directed to the following page that says “Thank you for your purchase!” Click Manage button to begin setting up the certificate.
- Your newly bought SSL certificate will be listed here. Now click Activate to activate your SSL certificate.
Next, I will take you through a 5-steps process to activate your certificate, starting with entering the CSR.
Let’s leave this browser window open for now.
2. Generate CSR
There are many ways to generate CSR, however, in this guide, I will walk you through generating CSR via cPanel and WHM, and we will start with the former.
Generate CSR via cPanel
- Open a new browser window, go to the cPanel of your website, and login. Your cPanel URL should be either cpanel.domain.com or domain.com/cpanel.
- After logging in, look for Security and under this option click on SSL/TLS.
- The SSL/TLS page will show different options. Here click "Generate, view, or delete SSL certificate signing requests." to generate a new CSR.
- On the next page, fill up all required information:
- Key – Leave this to its default.
- Domain – Enter the domain name of website for which you want to install the SSL certificate.
- City, State, Country, and Company – Add all the respective information – these are compulsory.
- Company division, Email, Passphrase, and Description – Add this information if you want – these are optionals.
Now click Generate to get your CSR code.
- Encoded Certificate Signing Request.
- Decoded Certificate Signing Request
- Encoded Key.
- Decoded Key.
Keep this browser window open as we will be needing it in the later step.
Generate CSR via WHM
If you are running your website from a dedicated server, chances are you will have access to WHM. Therefore you can also generate CSR via WHM.
- Open a new browser window and login to WHM.
Note: If you don’t already know the URL to your WHM login, it would most likely be ipaddress/whm, or domain.com/whm. If these don’t work, contact your web host.
- After logging in, look for “Generate an SSL Certificate and Signing Request” under SSL/TLS on the left panel.
- First, check the box that says “When complete, email me the certificate, key and CSR” and then enter your email address to get a copy of the generated CSR later.
- Next, fill up all the required information as follows:
- Key Size – Leave it to its default.
- Domains – Enter the domain you will install your SSL certificate.
- City, State, Country, and Company – Add all the respective information – these are compulsory.
- Company Division, Email and Passphrase – these are optional.
Once done, click the Create button.
- Signing Request.
After these steps, keep this browser window open, you will need it in the later step.
3. Activate Certificate
- Copy all codes from Encoded Certificate Signing Request (cPanel) or Signing Request (WHM) from the previous browser window into Enter CSR. The Primary domain will be auto-retrieved from your CSR. Once this is done, click Next.
- Next, double-check to make sure the correct web hosting server is selected and then click Next.
- Now choose a method to verify your domain. The easiest way would be to verify via email.
Note: Make sure you have access to email@example.com, firstname.lastname@example.org, or any email addresses under Approver email dropdown.
- Finally, re-check your submitted information before clicking the Submit button.
4. Validate Certificate
Since we choose the email for DCV method, we’ll be expecting an email asking us to verify that we are the owner of the domain we intend to install the SSL certificate. Here’s how you can validate the SSL certificate via email.
- Check your inbox for an email sent by the SSL provider. It should look something like the screenshot below.
- Go into that email and follow the instructions to verify your domain.
5. Download SSL Certificate
You will verify the certificate via email, you’ll be sent the certificate to be downloaded. Here’s how you can do it.
- The emails you’ll receive, of which one of them will contain the certificate, would look like the screenshot below.
- You’ll have to look for the email from SSL provider with an attachment in .zip format.
- Download and extract the attachment. It should consists two text files; one ending with .ca-bundle extension and the other ending with .crt. Open them up in your preferred text editor.
6. Install SSL Certificate
Before we go on to install the SSL certificate, let’s do a recap. First we purchased an SSL certificate, generated CSR (via cPanel, or WHM) to activate the certificate. Then we’ve also validated, downloaded the certificate and finally have it opened in a text editor. And now, we’re going to install the certificate.
We will start with the guide on how to install the certificate via cPanel.
Install Certificate via cPanel
- Back in cPanel, navigate to Security > SSL/TLS and click on “Manage SSL Sites” under Install and Manage SSL for your site (HTTPS).
- Information on this next page needs to be carefully and accurately entered to ensure successful installation of the SSL certificate. Let’s go through each of the fields one by one.
- Do a final check, and then click the Install Certificate button.
- If everything had gone well, you’ll see a prompt informing you that your SSL certificate has been successfully installed.
"Domain" – Click the drop-down and hopefully you may find the domain name is already in there. Here select the domain name.
"Certificate: (CRT)" – Copy all the codes in the file ending with .crt extension, and paste it inside here.
"Private Key (KEY):" – There was a browser windows we left opened while generating the CSR key earlier on. Go back there, copy all codes inside “Encoded Key:” and paste it here.
"Certificate Authority Bundle: (CABUNDLE)" – Copy all codes from the file ending with .ca-bundle extension, pate it inside here.
Install Certificate via WHM
- To install SSL certificate via WHM, look for “Install an SSL Certificate on a domain” under SSL/TLS on the left panel and click on it.
- You’ll need to provide all information carefully in order for the certificate to be installed successfully. Let’s go through each of them one by one.
- Take a final re-check to make sure all the information is filled correctly and then hit the Install button.
- Here’s what you will see if the certificate is installed successfully.
"Domain:" – Enter the domain name for which you want to install this certificate.
"Certificate:" – Copy all codes from the file ending in .crt extention, paste it here.
"Private Key:" – Revisit the browser window we left opened when generating CSR. Copy all codes in “Key” and paste it here.
"Certificate Authority Bundle:" – Lastly, copy all codes in the file ending with .ca-bundle and paste it inside here.
7. Testing Certificate Installation
If you’ve reach this far, congratulation, that means your SSL certificate has been installed. Now for the final step, let’s make sure if the SSL certification is working properly.
Adding HTTPS before domain name
The easiest way to see if the SSL certificate is working is by opening a new browser, add
https:// before domain name, or replacing
https:// and then hit Enter.
If you see a lock (likely in green colour), that means the SSL certificate is up and running.
Check with web tool
This, in my opinion, Using an SSL Cheker tool is a better way to check if SSL certificate is installed properly as it factors our browser cache which would lead to inaccuracy.
Go to https://decoder.link/sslchecker/, enter your domain name and click the Check button. It will return you all information about the domain and its SSL certificate installed.