Deprecated: Function create_function() is deprecated in /home2/blogwebhostingbu/public_html/wp-content/plugins/facebook-like-box-responsive/facebook-like-box.php on line 29
How to install a self-signed SSL certificate - WebHostingBuzz US Blog
Notice: Undefined variable: defaults in /home2/blogwebhostingbu/public_html/wp-content/plugins/fatpanda-facebook-comments/plugin.php on line 366
 

How to install a self-signed SSL certificate

Posted on 03 May 2011 by Alan Burns

Have you ever wanted the security of SSL (Secure Socket Layer) for your web site, but didn’t want the cost of a certificate? If you need only the security and not the stamp of approval from the big issuers, then you can create your own SSL certificate.

Communications over the internet are by default insecure. If e-mail or form inputs are intercepted, your information can be read. That’s why on-line shopping, bank and auction sites use SSL. An SSL connection encrypts the traffic, so even if intercepted it cannot be read. You can tell that you’re using a secured connection by the little padlock icon in your web browser.

Commercial SSL certificates are issued by a certificate authority such as GeoTrust and Verisign. The certificate authority provides third-party validation that the web site is who it says it is. Web browsers are designed to automatically accept certificates issued by the major certificate authorities.

Self-signed certificates are useful when you need the security of SSL encryption, but don’t need a recognizable authority name on the certificate. For an end user, the obvious difference between a certificate issued by a major certificate authority and a self-signed is that the self-signed certificate will generate a browser warning.

The web browser, upon encountering a self-signed SSL certificate, warns the user that it does not recogniae the certificate authority. While this would be unsuitable for on-line sales, it’s fine for many other types of access. As long as your users are aware that you’re using a self-signed SSL cert, it’s not a problem. The first time users connects and receive the warning, they can use browser commands to accept and install the certificate. Once a user installs your cert as a trusted cert, no warnings will appear on subsequent connections.

Note that the level of encryption, and therefore security, are the same with a self-signed cert as with one from a major certificate authority. On one of my web sites I run an installation of SquirrelMail and use a self-signed SSL certificate to provide secure login and use of that web mail application for my users.

Installing a self-signed SSL certificate on a cPanel server

To install on a cPanel server, you need a reseller or VPS hosting account. You’ll also need a dedicated IP address, to separate the site from others on the shared hosting server. Here at WebHostingBuzz, reseller accounts include dedicated IP address, and you may use one of those for your certificate.

Create a self-signed SSL certificate

  1. Login to WHM.
  2. Click “Generate a SSL Certificate & Signing Request”.
  3. Enter “Contact info” with a valid e-mail address.
  4. Enter or generate a password, making sure it is sufficiently long with a mixture of letters, numbers and symbols.
  5. Under “Host to make cert for”, enter the domain on which you want the SSL.
  6. Click “Create”.
  7. Copy the text displayed for the .key and .crt, and paste them into a text file on your computer. You may need that text in the next steps.

Install a self-signed SSL certificate

  1. In WHM, click “Install an SSL Certificate and Setup the Domain”.
  2. Enter the domain name, account user name, and IP address for the certificate in the Domain, User, and IP Address fields.
  3. Click “Fetch” to paste the .key and .crt files for the domain into the available display spaces, if they are currently on your server. (The first time I did this, clicking Fetch automatically pasted the required data into the fields. When I created later certs, the I had to manually paste in the information.)
  4. Don’t enter anything in CA bundle: there is no Certificate Authority because you are installing a self-signed cert.
  5. Click “Submit”, then wait for all processes to complete. WHM will display various lines of information and finally display “Finished Install Process.. “
  6. Point your web browser to https:// followed by the domain, to see your new SSL connection working.

If you don’t see the SSL commands in your WHM, it may be because you don’t have a dedicated IP on your account. Once you have a dedicated IP assigned to a domain, the SSL Certificate links/commands will appear in WHM.

Since I began using self-signed SSL certificates a few years ago, several free and public domain certificate authorities have appeared. They issue certificates similar to those from the large commercial certificate authorities. The drawback is that most of them are not yet automatically trusted by major web browsers, meaning that users would see the same warning as when using a self-signed certificate. If these free issuers eventually get approval from the major web browsers, they would be a good alternative.

WebHostingBuzz Logo

© WebHostingBuzz USA LLC 2002 - 2024
WebHostingBuzz is a Registered Trademark.
All Rights Reserved.
WebHostingBuzz USA LLC, 850 Southbridge Street, Auburn, MA 01501, USA

1 (800) 252-1887

Payment Logos
  • Webmoney Verified
  • Webmoney Accepted

Sign up for our Newsletter

Scroll to Top