HOW TO CONFIGURE WHM / CPANEL WITH A VALID SSL CERTIFICATE
Improve your Server Security – Configure your Server to Force SSL redirection with a VALID certificate for WHM / CPANEL usage.
By default, WHM/CPANEL do not use a secure channel but instead offer an optional link to the user. Even if you don’t want to spend $20 for a GoDaddy Certificate, you can still configure the server to force the secure connection when a user attempts to login to WHM/CPANEL.
How to Setup WHM and CPANL so clients will be redirected to a valid SSL Certificate when logging in.
Instructions based on WHM v11.15.0
1) Purchase / Install the Certificate for your fully qualified domain (ie: server.domain.com)
– You can find your fully qualified server URL in the WHM under:
>> Server Status >> Server Information (System Information)
– Then you will create a certificate for this domain under:
>> SSL / TLS >> Generate a SSL Certificate and Signing Request
– After purchasing your certificate, you will install the certificate under:
** THIS MAY SEEM SLOW – BE PATIENT – WAIT FOR A BOLD CONFIRMATION MESSAGE **
>> SSL / TLS >> Install a SSL Certificate and Setup the Domain
– After installation is complete, you can assign the new certificate to be your SHARED certificate under:
** This is NOT required but is a great benefit for your clients and helps brand your domain **
>> SSL / TLS >> Manage SSL Hosts
2) Test your new Certificate
This should resolve and the cert should function properly before moving forward. If this does not work, you will need to review addition instruction on SSL installation.
This should NOT WORK but give you an invalid certificate error. The reason is that the certificate is installed for the domain only, and has not been assigned to the appropriate WHM/CPANEL services.
3) Install the CERT for the WHM and CPANEL Service (this is the step you don’t think about!!)
Service Configuration >> Manage Service SSL Certificates
> Select “Install New Certificate” for the “cPanel/WHM/Webmail Service”
> Select Domain this CRT is for “Browse”
> Pick the full server cert you installed “server.domain.com”
> Press “Submit” to install
4) Test your Service Certificate
should now be working !!
** Once your done, you may choose to install the same cert for your SMTP, POP, and FTP accounts so that the option is available and functioning properly