bg-tutorials

How to Install an SSL Certificate in cPanel

This guide gives you step-by-step instructions on how to install an SSL certificate in cPanel. cPanel is one of the most widely used web hosting control panels, and the SSL installation is straightforward even without advanced technical skills.

Generate a CSR code

If you are buying a certificate from a Certificate Authority, start with a CSR (Certificate Signing Request). A CSR is a request you submit to the CA to apply for your certificate, and you cannot obtain the certificate without it. You have two options:

Submit the CSR to the Certificate Authority during your order. After the CA validates it and issues your SSL certificate, continue with the installation below. (If you only want a free certificate, skip ahead to AutoSSL, which does not require a CSR.)

Install an SSL certificate in cPanel

After validation, the Certificate Authority emails you the certificate files (or you download them from your account). You will need three things: the certificate itself, the private key you created with the CSR, and the CA bundle (the intermediate and root certificates). Then follow these steps. The labels below match the current cPanel interface (Jupiter theme).

Step 1: Open the SSL/TLS Manager

  1. Log into your cPanel account.
  2. Go to the Security section and select SSL/TLS.
  3. On the SSL/TLS page, under Install and Manage SSL for your site (HTTPS), click Manage SSL Sites.

Step 2: Select the domain

Scroll to the Install an SSL Website area. From the Domain drop-down list, select the domain you want to secure. If you generated the CSR and key inside cPanel for this domain, click Autofill by Domain and cPanel fills the boxes for you. Otherwise, paste the files in manually as described next.

Step 3: Paste the certificate, key, and CA bundle

Open each file in a plain-text editor and copy and paste its contents into the matching box:

  • Certificate (CRT): paste the full contents of your certificate file, including the BEGIN CERTIFICATE and END CERTIFICATE lines.
  • Private Key (KEY): paste your private key, including its BEGIN and END lines.
  • Certificate Authority Bundle (CABUNDLE): this box is technically optional, but do not leave it blank. A missing CA bundle can cause SSL security warnings on mobile devices and older browsers. Paste both the intermediate and root certificates here. If the CA sent multiple intermediate certificates, paste them one after another to build the correct certificate chain.

Each block is plain text that begins with a line such as —–BEGIN CERTIFICATE—– and ends with —–END CERTIFICATE—–. Include those header and footer lines when you paste.

Step 4: Install the certificate

Click Install Certificate. A confirmation message appears when the installation succeeds. cPanel applies the certificate immediately and rebuilds the web server configuration in the background, so you do not need to restart anything by hand. Open your site with https:// to confirm the padlock shows. To double-check the result, run it through our SSL Checker.

Free option: install SSL with AutoSSL

cPanel includes a free, auto-renewing option called AutoSSL. It provisions and installs a Domain Validated (DV) certificate from the provider your host has configured (commonly Let’s Encrypt or Sectigo), then renews it automatically before it expires. AutoSSL is a good fit for basic sites; choose a purchased certificate when you need Organization Validation, Extended Validation, or a wildcard. To use AutoSSL:

  1. In cPanel, open the Security section and click SSL/TLS Status.
  2. Select the domains you want to secure, then click Run AutoSSL.
  3. Wait for the check to finish. Each covered domain shows an AutoSSL certificate and renews on its own from then on.

If you installed a purchased certificate for a domain, exclude that domain from AutoSSL so the two do not conflict: on the SSL/TLS Status page, use the Exclude from AutoSSL control for that domain. If you do not see AutoSSL at all, your hosting provider may have disabled it at the server level. Contact them to enable it.

Frequently Asked Questions

How do I change or renew my SSL certificate in cPanel?

When a purchased certificate is close to expiring, buy or reissue it, then install the new files the same way: Security then SSL/TLS then Manage SSL Sites, select the domain, paste the new certificate, key, and CA bundle, and click Install Certificate. The new certificate replaces the old one. If you use AutoSSL instead, renewal is automatic and you do not need to do anything.

Does cPanel offer free SSL certificates?

Yes. cPanel’s built-in AutoSSL issues free Domain Validated certificates (commonly from Let’s Encrypt or Sectigo) and renews them automatically. Open Security then SSL/TLS Status, select your domains, and click Run AutoSSL. Free DV certificates cover basic encryption; buy a certificate when you need Organization or Extended Validation, a wildcard, or a longer support relationship.

Where are SSL certificates stored in cPanel?

cPanel manages the certificate for you, so you rarely need these paths. Each account’s certificates and keys are kept in the user’s home directory under ~/ssl/ and centrally in /var/cpanel/ssl/.
On EasyApache 4 (the current cPanel Apache) the per-domain SSL virtual-host configuration is generated under /etc/apache2/conf.d/userdata/ssl/, not /etc/httpd/.
If the server also runs cPanel’s nginx (ea-nginx) as a reverse proxy, its SSL configuration is written under /etc/nginx/conf.d/.
Manage everything from the Security section’s SSL/TLS tools rather than editing these files by hand.

How do I know if SSL is enabled in cPanel?

Open Security then SSL/TLS Status. The domains table lists each domain with its certificate type and status, so you can see at a glance which domains are secured. The quickest check of all is to open your site with https:// and confirm the padlock appears in the address bar.

Save 10% on SSL Certificates when ordering from SSL Dragon today!

Fast issuance, strong encryption, 99.99% browser trust, dedicated support, and 25-day money-back guarantee. Coupon code: SAVE10

A detailed image of a dragon in flight
Written by

I've been writing for SSL Dragon for over 10 years, focusing entirely on SSL certificates and digital security. My job is to take complex cybersecurity topics and strip away the jargon, making sure you get the clear, practical information you need to keep your website safe.