How to Set Up an SSL Certificate in cPanel

Why do you need an SSL certificate?

An SSL (Secure Sockets Layer) certificate encrypts communication between your site and visitors. Without SSL, data such as passwords, personal information, and payment details travel the internet in readable form, vulnerable to interception. Since 2018, Google Chrome marks sites without SSL as "Not Secure". See our explanation of different SSL certificate types - this repels visitors and hurts SEO rankings.

Beyond security, an SSL certificate is required for the HTTPS protocol, which is the standard today. Google uses HTTPS as a ranking factor, and modern browsers block some features (geolocation, camera, microphone) on sites without SSL.

SSL certificate types

• DV (Domain Validation): Basic level - only confirms domain ownership. Ideal for blogs and smaller sites. Let's Encrypt issues free DV certificates.
• OV (Organization Validation): Confirms organization identity. Recommended for business sites that want a higher trust level.
• EV (Extended Validation): The strictest verification process. It used to show a green bar in the browser, but modern browsers no longer do that. It still provides the highest level of trust.
• Wildcard SSL: Covers the main domain and all subdomains (*.yoursite.com). Ideal if you have multiple subdomains.

Option 1: AutoSSL in cPanel

AutoSSL is the easiest way to get a free SSL certificate in cPanel. Most quality hosting providers, including BeoHosting with free SSL, have AutoSSL enabled by default. Here is how it works:

How to check if AutoSSL is active

• Log in to cPanel.
• Go to the "Security" section and click "SSL/TLS Status".
• You will see a list of all your domains and subdomains with their SSL status.
• If it shows "AutoSSL Domain Validated" with a green icon, SSL is active.

Running AutoSSL manually

If SSL is not installed automatically (e.g. for a new domain), you can run it manually:

• In cPanel go to "SSL/TLS Status".
• Click the "Run AutoSSL" button in the top-right corner.
• Wait a few minutes while the certificate is generated and installed.
• Refresh the page and check status - it should be green.

Option 2: Let's Encrypt in cPanel

Let's Encrypt is a free Certificate Authority (CA) that issues DV SSL certificates. Many hosting providers offer Let's Encrypt integration in cPanel.

Installation via cPanel plugin

• In cPanel look for "Let's Encrypt" or "SSL/TLS" under Security.
• If there is a Let's Encrypt option, click it.
• Choose the domain for which you want to install the certificate.
• Click "Issue" or "Install" and wait for the process to finish.
• Let's Encrypt certificates are valid for 90 days and renew automatically.

Option 3: Manual SSL certificate installation

If you bought a commercial SSL certificate (from Comodo, DigiCert, GeoTrust, etc.), you must install it manually:

Step 1: Generate a CSR

• In cPanel go to "SSL/TLS" under Security.
• Click "Generate, view, or delete SSL certificate signing requests".
• Fill in the form: domain, organization, city, country, email.
• Click "Generate" and copy the generated CSR.

Step 2: Purchase and validation

Send the CSR to your SSL provider when buying the certificate. They will send certificate files after you complete validation (usually via email or DNS record).

Step 3: Install the certificate

• In cPanel go to "SSL/TLS" and click "Manage SSL sites".
• Choose the domain from the dropdown.
• Paste the certificate (CRT file) into the "Certificate" field.
• Paste the private key into the "Private Key" field (or click "Autofill" if you generated the CSR in cPanel).
• Paste the CA Bundle (intermediate certificates) into the "Certificate Authority Bundle" field.
• Click "Install Certificate".

How to force HTTPS across the entire site

Via cPanel

The easiest way: in cPanel go to "Domains", find your domain, and enable "Force HTTPS Redirect". This automatically redirects all HTTP traffic to HTTPS.

Via .htaccess

If you need more control, add the following code to the .htaccess file in your site's root directory. This code checks whether the connection is already HTTPS and, if not, redirects the user to the HTTPS version of the same page with a 301 (permanent) redirect.

In WordPress

• Go to Settings > General in the WordPress admin panel.
• Change both WordPress Address and Site Address from http:// to https://.
• Install the Really Simple SSL plugin for automatic mixed content fixing.
• Check the site for mixed content errors (HTTP resources on an HTTPS page).

Resolving common issues

• Mixed Content errors: When a page loads some resources (images, scripts, CSS) over HTTP instead of HTTPS. Solution: update links in the database or use a search-replace plugin.
• SSL certificate expired: Check that AutoSSL is active. If you use a commercial certificate, renew it with the provider and reinstall.
• ERR_SSL_PROTOCOL_ERROR: Usually means the certificate was incorrectly installed. Check that the private key is correct and that you included the CA Bundle.
• Redirect loop: If the site falls into an infinite redirect loop, check that you do not have a duplicate HTTPS redirect (both in cPanel and in .htaccess).

Conclusion

Installing an SSL certificate in cPanel is easier than ever today. With AutoSSL or Let's Encrypt, free SSL is available to everyone and there is no reason your site should not use HTTPS. Follow the steps in this guide, force HTTPS redirection, and regularly check certificate status. Your site's security and visitor trust depend on it. Check your SSL certificate status with our SSL checker tool.