Apache SSL Certificate Installation in Cpanel

SSL Certificate Installation in Cpanel (WHM)

Installing your Cpanel SSL Certificate in Apache

Before you begin, download your Intermediate and Primary Certificate files from your DigiCert Web-PKI Customer Account to the directory where you will keep your certificate and key files.

1) Enter the WebHost Manager.

2) In the SSL/TLS menu, click the link to install a Certificate.

3) In the first box, you will need to paste the contents of your Primary Certificate (yourdomain.crt) that you downloaded from DigiCert. To access the text version of your certificate, open it with a text editor. When copying and pasting your certificate, include the BEGIN and END tags.

4) Fill in the required Domain / User / IP address information. The domain and IP address may fill in automatically. Type your cPanel username in the User field.

5) In the middle box you will need paste the correct RSA private key that was generated with the CSR. This private key was sent to your email address when you generated your CSR. The private key may fill in automatically if the server recognizes your Certificate.

6) In the bottom box you will need to paste the contents of the Intermediate Certificate (DigiCertCA.crt)

7) Press the "Do it" button.

**Note: If your "Do it" button is not active, try clicking the Fetch button for the private key only. This will activate the "Do it" button. DO NOT click the fetch button that corresponds to the Certificate itself. If you do this, the certificate will be replaced with an invalid self-signed certificate.

Intermediate Certificate Installation (if necessary):

**Note: Some versions of Cpanel are faulty and do not correctly install the Intermediate Certificate. As a result, the certificate does not properly authenticate. To resolve this issue, perform the following Intermediate Certificate installation:

1) Locate the Virtual Host File:
On most Apache servers the Virtual Sites are configured in the /etc/httpd/conf/httpd.conf file. However, the location and name of this file can vary from server to server -- Especially if you use a special interface to manage your server configuration. Another common name for the file is 'SSL.conf'. If you open the file with a text editor, you will see the configurations for the virtual hosts that are housed on the server. The virtual host configurations are probably found near the end of the file.

2) Identify the secure Virtual Host for your site:
Locate the Virtual host configuration for the site you are securing. It will have the proper name and IP address (including port 443).

3) Configure the Virtual Host For SSL:
Cpanel has already setup the first three SSL configuration lines for you. Now you will edit your Virtual Host configuration by adding the 'SSLCACertificateFile' line below (this line is bolded).

<VirtualHost 192.168.0.1:443>
DocumentRoot /var/www/html2
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /etc/ssl/crt/your_domain_name.crt
SSLCertificateKeyFile /etc/ssl/crt/your_private.key
SSLCACertificateFile /etc/ssl/crt/DigiCertCA.crt
< /VirtualHost>

Of course, the path and names of your certificate files may be different. When typing the path for your SSLCACertificateFile, type the path and filename you plan to use when saving your intermediate certificate. It is generally advised to save your intermediate certificate in the same directory that cPanel already saved your primary certificate to.

4) Save the changes to your configuration file.

5) Save the Intermediate Certificate file to the Server:
Verify that the Intermediate Certificate file (DigiCertCA.crt) is saved to the path you configured above.

6) Restart Apache.

Installing your SSL Certificates in Cpanel-WHM

How to install your SSL Digital Certificate.