cPanel SSL certificate stands for Secure Socket Layer

SSL stands for Secure Socket Layer (also sometimes referred to as TLS or Transport Layer Security) and it is the main protocol used on the Web to ensure that traffic to and from a website is encrypted so third parties cannot intercept data (like your credit card information). SSL is important if you are accepting payments on your website. You don't want the private information your customers send you to be intercepted by hackers. Many people will refuse to submit financial or other private information to a website that doesn't offer SSL.

To learn more about how SSL works, visit http://computer.howstuffworks.com/encryption4.htm. In order to use SSL to encrypt traffic to and from your website you need an SSL certificate. There are a wide variety of SSL certificates and certificate providers. Some certificates cost as little as 30 USD a year and some as much as 4,000 USD a year. What makes these certificates different from one another, and which one do you need? These questions and more can be answered at http://whichssl.com/.

Your web host may require that you purchase your SSL certificate from them, so you may want to check with them before buying anything. You will definitely need a dedicated IP address (an IP address assigned only to your domain) if you plan to have an SSL certificate installed. If your web hosting account did not come with a dedicated IP address (which it probably did not) you will need to obtain one. Contact your web host for assistance. In order to buy an SSL certificate, you will need to send the provider some information about you, your website, and the server on which the website is hosted. The SSL Manager feature in cPanel helps you create the information that you can then provide to the company from whom you are buying your SSL certificate. Once you have a certificate, you can use the SSL Manager to install it.

An improperly generated certificate request or improperly installed certificate could cause problems for your website or cost you more money (because you need to get the certificate reissued) so I strongly recommend that you talk with your web host before attempting to use cPanel's SSL Manager features. Your web host will probably be happy to handle the entire process for you from start to finish. Once you know what kind of certificate you need, you will need to generate an SSL key first. This key is used to encrypt data exclusively for your website. Click Private Keys (KEY) to generate a site key.

If you already have a key installed, then you will see it displayed here. Do not create a new key for the same domain or subdomain if you already have one installed unless you know you need it (and be sure to remove the old key first). If you have a key file already generated locally that you want to use, paste the key content into the box on this screen, or select the .KEY file from your computer to upload it to your account. If you do not have a key at all, you need to generate one. Doing so is simple. Type in the domain or subdomain name that you will want to secure with an SSL certificate in the Host field on this page (or just select one from the drop-down menu next to this field) then click the Generate button to create a key.

You may need to provide this key to your web host or SSL certificate provider. If so, you can choose the key from drop-down list under the View heading and clicking Show. If you want to remove an SSL certificate from your account, you can remove the key it uses. Select the key from the drop-down menu under the Delete heading and click Delete. Both the .KEY and .CRT files will be removed when you do this.

Once you've created a key for the domain or subdomain you want to secure, click Certificate Signing Requests (CSR) to create one. This CSR file will definitely need to be given to the SSL certificate provider so they can create your SSL certificate. The information you enter here must match exactly the information you give your SSL certificate provider. Depending on the type of certificate you are requesting, they may double-check the information you provide them to make sure it is a real person and company. Do not forget any of the information you enter in the CSR, especially not the password, since that password will be needed to install your final certificate. Make sure you generate the CSR for the correct host (domain or subdomain). If you make mistakes, delete the certificate using the Delete feature on this page. Once you've successfully created a CSR you can also view it on this page.

The final step after you've purchased the certificate and received the .CRT and perhaps a .CA (Certificate Authority) file is to install the certificate on your server. Clicking Certificates (CRT) in cPanel's SSL Manager will allow you to do this. You can either paste the .CRT file contents in to the box on this page or select your .CRT file from your local computer and upload it. Once you've done that, assuming the key and CSR match exactly the CRT, you should be able to access pages securely on that domain or subdomain by visiting https://domain.com/.

If you get any errors, please double-check your key, CSR, and CRT files to make sure they are correct. If you can't figure out what is wrong, please contact your web host for assistance. It is possible to create self-signed SSL certificates from the CRT screen in cPanel. In that case, the web server itself creates a certificate you can use for secure transactions. Self-signed certificates will always produce a warning any time a user tries to access a secure page (at least one time per browsing session) on your website since the self-signed certificate is not from a trusted source. I do not recommend you try to create or use one. Some providers like http://godaddy.com/, offer SSL certificates for 30 USD or less per year, so it is better to spend a little money to get a real certificate.