15

SSL Certificates

Last Update 7 months ago

How to Generate and Retrieve Your SSL Certificate from the HostAfrica Client Area How to run AutoSSL on your Domains to install an SSL via cPanel(not DirectAdmin) How to enable SSL for SiteBuilder How to Include or Exclude a Domain from AutoSSL in cPanel How to Manually Run AutoSSL on Your Domains via cPanel

How To Install An SSL Certificate

Here's a streamlined guide with current best practices and clear steps for the four main methods of installing an SSL

Evans

Last Update 7 months ago

Method 1: Apache (Linux CLI)


1. Generate CSR & private key


openssl req -new -newkey rsa:2048 -nodes \ -keyout server.key -out server.csr


Recommended: 2048-bit RSA key 
Enter your domain (FQDN), organization details, and country.


2. Order the SSL certificate

Submit the CSR to your chosen CA (e.g., DigiCert, Let's Encrypt).

With Let's Encrypt, you can skip manual steps using Certbot 


3. Download certificates

Save your CA bundle and primary certificate to your server, ideally under:

/etc/ssl/certs/ /etc/ssl/private/


4. Update Apache config
In your <VirtualHost *:443> block:

SSLEngine on SSLCertificateFile /etc/ssl/certs/your_domain.crt SSLCertificateKeyFile /etc/ssl/private/server.key SSLCertificateChainFile /etc/ssl/certs/intermediate.crt


5. Test & restart Apache


apachectl configtest && systemctl restart apache2

Then verify via https://your-domain.com 

Look for the padlock 

Method 2: cPanel


1. Log in and go to SSL/TLS Manager.


2. Generate a new private key (2048-bit) and CSR.


3. Order your certificate using the CSR.


4. Return to SSL/TLS Manager → Manage SSL sites, 

paste in:

  • Private key
  • Certificate
  • CA bundle


5. Click Install.
Method 3: DirectAdmin


1. Go to Account Manager → SSL Certificates.


2. Choose “Paste a pre-generated key & CSR”, or generate a CSR if needed.


3. After getting your certificate:

Paste private key and certificate.


If needed(Paste CA bundle (root/intermediate)).


4. Enable “Force SSL with HTTPS redirect” as needed 


5. Save settings—your SSL is now active.
Method 4: Microsoft IIS


1. Open IIS Manager → Server Certificates → Create Certificate Request.


2. Enter your domain and organization info (choose 2048-bit).


3. Submit the CSR to purchase the certificate.


4. Once issued:

Back in IIS Manager, select Complete Certificate Request.


5. Assign a friendly name and install to Personal store.


6. Bind to your site under Site Bindings → Type: https, select your certificate.


(Optional) Import the intermediate cert into Intermediate Certification Authorities via MMC.

Run:

iisreset

7. Test your site at https://your-domain.com. (replace your-domain.com with your real domain name)

Other: Let’s Encrypt + Certbot(for Linux admins)


If you're using Linux—especially Ubuntu or Debian—consider using Certbot for auto-generation, installation, and renewal of free SSL certs:

sudo apt update sudo apt install certbot python3-certbot-apache sudo certbot --apache -d your-domain.com -d www.your-domain.com

This both obtains and configures SSL for you, with renewals handled automatically

In Summary

Method
Best ForSSL Install Process
Apache CLIFull control, no panelManual CSR, cert upload, Apache config
cPanelShared hosting via cPanelCSR gen, paste certs, AutoSSL option
DirectAdminShared hosting via DirectAdminCSR gen, paste certs & CA bundle
IIS (Windows)Microsoft-hosted sitesCSR wizard → cert import → binding
Let’s Encrypt + CertbotAuto SSL on Linux serversOne command setup, auto renewal

Was this article helpful?

2 out of 2 liked this article

Still need help? Message Us