bg-tutorials

How to Install an SSL Certificate on DirectAdmin

This tutorial explains how to install an SSL certificate on DirectAdmin. You will paste your certificate and private key, add the CA chain, and force HTTPS, all from the User level of the control panel.

Generate a CSR in DirectAdmin

A Certificate Signing Request (CSR) is a block of encoded text that contains details about your domain and organization. The Certificate Authority needs it to issue your certificate, so generate it before you order. You have two options:

Save the CSR, including the BEGIN CERTIFICATE REQUEST and END CERTIFICATE REQUEST header and footer lines, in a plain-text editor such as Notepad. You submit this CSR to the Certificate Authority during your order. Keep the matching private key safe: you will need it during installation, so copy it into a separate file and store it securely.

Note: if you generated the CSR inside DirectAdmin and do not see the private key, you do not need to worry. DirectAdmin stores it automatically and pre-fills it on the SSL installation page.

Install an SSL certificate on DirectAdmin

After the Certificate Authority validates your order and emails the certificate files, you can install them in DirectAdmin. Follow the steps below.

Step 1. Prepare your certificate files

Have three pieces ready before you start:

  • Your private key, generated together with the CSR.
  • Your certificate file (often a .crt file), issued by the CA.
  • Your CA bundle file (often a .ca-bundle file), which holds the intermediate and root certificates. The CA usually sends the certificate and CA bundle together in a ZIP archive, so extract it first.

Open each file in a plain-text editor so you can copy its contents cleanly. Avoid word processors, which can add hidden formatting that breaks the certificate.

Step 2. Log in and switch to the User level

Log in to DirectAdmin. SSL certificates are managed per domain at the User level, so if you are logged in as Admin or Reseller, switch to User level using the level selector in the top menu. If your panel hosts more than one domain, make sure the correct domain is selected before you continue.

Step 3. Paste your private key and certificate

In the current Evolution skin, go to Account Manager and click SSL Certificates. (On older skins this section is called Advanced Features.) Then:

  • Select the Paste a pre-generated certificate and key option.
  • In the top box, paste your private key, including the BEGIN PRIVATE KEY and END PRIVATE KEY lines. If DirectAdmin generated the CSR for you, the key is already filled in, so leave it as is and move on.
  • In the box below it, paste your certificate, including the BEGIN CERTIFICATE and END CERTIFICATE lines.
  • Double-check both blocks, then click Save.

The private key always goes first, with the certificate directly beneath it. Copy each block in full, from the first dash of the BEGIN line to the last dash of the END line.

Step 4. Install the CA certificate chain

The chain (intermediate plus root certificates) tells browsers your certificate is trusted. Without it, some visitors see a “certificate not trusted” warning even though the certificate itself is valid. To add it:

  • Return to the SSL Certificates page and click Click Here to paste a CA Root Certificate.
  • Paste every certificate from your CA bundle file into the box, intermediate first and root last.
  • Tick the Use a CA Cert checkbox.
  • Click Save.

Step 5. Check the SSL status for the domain

Confirm that SSL is enabled for this domain. A message near the top of the SSL Certificates panel shows the current status. If SSL is disabled, click the You can enable it here link to turn it on.

Step 6. Force HTTPS and finish

So visitors always reach the secure version, enable Force SSL with https redirect (shown as a Secure SSL option on some skins), then click Save.

Your certificate is now installed through DirectAdmin. To confirm the chain is complete and the certificate is served correctly, run a quick scan with our SSL Checker, or open the site in a browser and check the padlock.

Free option: Let’s Encrypt in DirectAdmin

If you do not have a paid certificate, DirectAdmin can issue a free one from Let’s Encrypt without leaving the panel. On the same SSL Certificates page, choose Free & automatic certificate from Let’s Encrypt (an ACME provider option on newer builds), select the domain and any subdomains you want covered, tick Wildcard if you need every subdomain, and click Save.

Let’s Encrypt certificates are valid for about 90 days and DirectAdmin renews them automatically before they expire, so there is nothing to reinstall manually. They provide the same encryption as a paid certificate. A commercial certificate still makes sense when you need Organization or Extended Validation, a longer fixed term, a warranty, or vendor support.

Frequently asked questions

Where do I install an SSL certificate in DirectAdmin?

At the User level, open Account Manager (called Advanced Features on older skins) and click SSL Certificates. SSL is managed per domain, so select the right domain first if your account hosts several.

In what order do I paste the private key and certificate?

Private key first, certificate second. Paste the private key (with its BEGIN PRIVATE KEY and END PRIVATE KEY lines) into the top box, then paste the certificate (with its BEGIN CERTIFICATE and END CERTIFICATE lines) into the box below. If DirectAdmin generated the CSR, the key is already filled in.

Do I need to install the CA bundle separately?

Yes. After saving the key and certificate, return to the SSL Certificates page, click Click Here to paste a CA Root Certificate, paste the intermediate and root certificates from your CA bundle, tick Use a CA Cert, and Save. Skipping this step can trigger “certificate not trusted” warnings for some visitors.

Does DirectAdmin support free Let’s Encrypt certificates?

Yes. On the SSL Certificates page, choose Free & automatic certificate from Let’s Encrypt, pick your domain and subdomains, and Save. The certificate is valid for about 90 days and DirectAdmin renews it automatically, so you do not have to reinstall it.

How do I redirect visitors from HTTP to HTTPS in DirectAdmin?

Enable Force SSL with https redirect on the SSL Certificates page (labeled Secure SSL on some skins) and Save. DirectAdmin then sends visitors to the HTTPS version of the same URL automatically.

How do I verify the certificate is installed correctly?

Open your site in a browser and check the padlock, or run a scan with our SSL Checker. The scan confirms the certificate is live, the chain is complete, and the expiry date is correct.

Save 10% on SSL Certificates when ordering from SSL Dragon today!

Fast issuance, strong encryption, 99.99% browser trust, dedicated support, and 25-day money-back guarantee. Coupon code: SAVE10

A detailed image of a dragon in flight
Written by

I've been writing for SSL Dragon for over 10 years, focusing entirely on SSL certificates and digital security. My job is to take complex cybersecurity topics and strip away the jargon, making sure you get the clear, practical information you need to keep your website safe.