Generate an SSL Certificate and Signing Request
Posted by Matthew Jeffels, Last modified by Matthew Jeffels on 04 January 2017 05:00 PM

Generate an SSL Certificate and Signing Request

This interface allows you to simultaneously generate both a self signed SSL certificate and a Certificate Signing Request for a domain. You may also use this interface to generate private keys, which are essential for both self signed and purchased certificates.

To purchase a certificate, submit the CSR to your chosen certificate authority. They will then typically provide you with a certificate via email in a .zip.  

Contact Information

In order to receive the SSL certificate, private key, and CSR in an email, you will need to enter an email address in the "Email Address" textbox.

You should select the "When complete, email me the certificate, key, and CSR." checkbox in order to receive a copy of the request that this interface generates. You should not select this checkbox if your email service provider does not support secure mail via SSL/TLS.

Private Key Options

In this section select the desired key size from the "Key Size" menu. It is recommend that you choose at least 2,048 bits.

Certificate Information

In order to generate an SSL certificate and the CSR you will need to perform the following:

In the "Domains" textbox, enter the domain name of the website that the certificate will secure. You can also enter multiple domains, with one domain per line.

In the "City" textbox, enter the complete name of the city in which your servers are located.

In the "State" textbox, enter the complete name of the state in which your servers are located.

In the "Country" textbox, select the country of origin for the certificate.

In the "Company Name" textbox, enter your business's complete name. Some certificate authorities may not accept special characters in the Company Name and Company Division text boxes. If your company name includes symbols other than a period or a comma, ask your CA to confirm whether you can use these characters.

In the "Company Division" section, enter the name of the department or group within the company. This information is optional.

In the "Email text" box, enter a secure contact email address that your CA can use to verify domain ownership.

Shared Secrets

You will need to enter a passphrase in the "Passphrase" textbox if your certificate authority requires one for verification purposes

Create

Once you have entered the correct information, click Create.

WHM will display the CSR with its SSL certificate and private key. You should then copy and paste these items into the correct directories.

If you provided an email address, the system will then also send the information to that email address.

You can view the keys, certificates, and CSRs that you have created in WHM's "SSL Storage Manager" interface. The system will save this information in the following directories on your server:

CSR — /var/cpanel/ssl/system/csrs SSL
certificates — /var/cpanel/ssl/system/certs
Private keys — /var/cpanel/ssl/system/keys

If you purchased an SSL certificate, you should provide the CSR to the company from which you purchased the SSL certificate.
If you used a self-signed certificate, navigate to the "Install an SSL Certificate on a Domain" interface which is found via, Home >> SSL/TLS >> Install an SSL Certificate on a Domain, to install the certificate.

Thanks

Matt Jeffels
PAC Web Hosting

(0 vote(s))
Helpful
Not helpful

Comments (0)