For cPanel & WHM version 70
(cPanel >> Home >> Security >> SSL/TLS)
The features in this interface allow you to generate and manage SSL certificates, signing requests, and keys, which enhance your website's security. They are useful for websites that regularly work with sensitive information, such as login credentials and credit card numbers. Encryption protects visitors' communications from malicious users.
CAA (Certificate Authority Authentication) records in the domain's zone file restrict which CAs (Certificate Authority) may issue certificates for that domain.
- If no CAA records exist for a domain, all CAs can issue certificates for that domain.
- If conflicting CAA records already exist, remove the existing CAA records or add one for the desired CA.
For example, a CAA record for Comodo would resemble the following example, where
example.com represents the domain name:
You can manage CAA records through cPanel's Zone Editor interface (cPanel >> Home >> Domains >> Zone Editor). For more information about a CA's requirements, read their documentation.
The following documents provide more information about the sections of this interface:
- Private Keys - KEY — Generate, view, upload, or delete private keys.
- Certificate Signing Requests - CSR — Generate, view, or delete SSL certificate signing requests.
Install and Manage SSL for your site HTTPS — Generate, view, upload, or delete SSL certificates.
Certificates - CRT — Set up an SSL certificate for the site.
- Manage Certificate Sharing— Change your site's certificate sharing permissions.
SSL certificate creation privileges
The following table describes a user's privileges to create a SSL certificate:
|Website owners||Website owners can only create SSL certificates on domains that they own and use a dedicated IP address.|
|Reseller||Resellers can create SSL hosts on any IP address that a reseller dedicates, except to an SSL resource.|
|Reseller with ||The |