Page tree
Skip to end of metadata
Go to start of metadata

For cPanel & WHM version 68

(cPanel >> Home >> Security >> SSL/TLS)

Overview

The features in this interface allow you to generate and manage SSL certificates, signing requests, and keys, which enhance your website's security. They are useful for websites that regularly work with sensitive information, such as login credentials and credit card numbers. Encryption protects visitors' communications from malicious users.

Warning:

As of cPanel & WHM version 68, we only support Transport Layer Security (TLS) protocol version 1.2

  • We will only support applications that use TLSv1.2.
  • We strongly recommend that your hosting provider enable TLSv1.2 for your account. 

Note:

CAA records in the domain's zone file restrict which CAs (Certificate Authority) may issue certificates for that domain.

  • If no CAA records exist for a domain, all CAs can issue certificates for that domain.
  • If conflicting CAA records already exist, remove the existing CAA records or add one for the desired CA.

For example, a CAA record for Comodo would resemble the following example, where example.com represents the domain name:

example.com. 86400 IN CAA 0 issue "comodoca.com"

You can manage CAA records through the Zone Editor interface. For more information about a CA's requirements, read their documentation.

Documents available

The following documents provide more information about the sections of this interface:

SSL certificate creation privileges

The following table describes a user's privileges to create a SSL certificate:

User TypePrivileges
Website ownersWebsite owners can only create SSL certificates on domains that they own and use a dedicated IP address.
ResellerResellers can create SSL hosts on any IP address that a reseller dedicates, except to an SSL resource.
Reseller with root privilegesThe root user, or a reseller with root privileges, can create an SSL certificate on any available IP address on the server, except to an SSL resource.