Cloudways Platform provides you complete freedom to install an SSL Certificate bought from any Certificate Authority (CA) or certificate vendor. This article will demonstrate the complete procedure of deploying a Custom SSL Certificate on your website.

If you haven’t purchased an SSL certificate yet, then you first need to generate a CSR via Cloudways Platform and then purchase an SSL Certificate from any Certificate Authority (CA) or vendor such as DigiCert, Namecheap, Comodo, etc. CSR refers to Certificate Signing Request, and it is a small file in which you provide information about the certificate to be created. CSR is required at the time of purchasing an SSL certificate by the Certification Authority. Therefore, this article will cover the instructions for both scenarios whether you have purchased an SSL certificate already or you haven’t yet.

Important

Cloudways does not sell SSL certificates but supports all kinds of SSL/TLS certificates and Wildcard certificates. Moreover, our servers support the SNI TLS extension, which means that you can deploy multiple certificates that can protect multiple applications hosted on the same server having one IP address but one application can only have one certificate.

Tip

If you are not looking to deploy a Custom SSL Certificate, then you can also choose to install a Free Let’s Encrypt SSL Certificate on your website.

How to Install Custom SSL Certificate

Deploying Custom SSL via Cloudways Platform is very easy with the following steps. Also, make sure that your website is live & DNS records are properly propagated. Else, you will not be able to configure the SSL certificate. If you already have SSL certificate configured on your website, then installing another one will overwrite the existing one as one application can only have one certificate.

Tip

If you want to learn what SSL is and why do you need one for your website, then check out this article to find out.

Step# 1

Log in to the Cloudways Platform. Once logged in, navigate to the Servers tab from the top menu bar and choose your target server on which your desired application/website is deployed.

Next, click www located at the right hand side of the server box.

Select your target application from the drop-down list.

Step# 2

In the Application Management menu, select SSL Certificate.

Step# 3

Now, further steps vary based on the current scenario whether you had already purchased and have an SSL certificate in your possession or not. So, choose from the given choices.

Scenario# 1 — I don’t have an SSL Certificate

Step (Ⅰ)

Now, select “I do not have a certificate” from the dropdown as shown in the screenshot below. Then, click Create CSR.

Step (Ⅱ)

Now, a dialog box will appear prompting for the following information. This information is asked for the CSR generation.

Just to reiterate, CSR refers to Certificate Signing Request, and it is a small file in which you provide information about the certificate to be created. CSR is required at the time of purchasing an SSL certificate by the Certification Authority.

  1. Country: Select your country. In this example, we are inputting the United States.

  2. States: Input your state, e.g., California.

  3. Locality: Input your locality/city, e.g., Los Angeles.

  4. Organization Name: Write your organization/business name.

  5. Organizational Unit: Input organizational unit, e.g., sales and marketing.

  6. Email: Input your email address.

7. Domain: Now, its time to add your domains(s) so there are a couple of instructions which are as follows:

  • If you only want one domain to be secured by SSL certificate, then enter only one domain and hit Submit. For demonstration purposes, we have used a root domain (e.g., example.com). View screenshot

  • If you want multiple domains to be protected using an SSL certificate, then you need to enter your first domain and tick SAN, and then add your domains by clicking Add Domain. Once done, click Submit. View screenshot

  • If you will be generating a Wildcard SSL certificate, then you need to enter your root domain beginning with asterisk (e.g., *.example.com) and hit Submit. View screenshot

Tip

Need help in which to choose?, learn about the difference between single, multiple, and wildcard SSL.

Step (Ⅲ)

Now is the time to purchase the SSL certificate so after generating CSR, click Download CSR to download the CSR file locally and proceed to buy an SSL certificate.

CSR file will be used at the time of purchasing the SSL certificate and if you are asked about the server type (or, similar question), then you may choose apache+mod_ssl.

If you would like to update any of the details provided in the CSR before purchasing the SSL certificate, then click Re-Create CSR and update the information.

Step (Ⅳ)

Here’s the final step of installing the SSL Certificate so click Install Certificate.

Step (Ⅴ)

Now, a dialog box will appear prompting for the Certificate Code and CA Chain. This is not your CSR file, this Certificate Code and CA Chain will be provided from your Certification Authority (CA) or vendor from whom you have purchased it.

  • Certificate Code refers to your application SSL certificate file content. Most of the SSL vendors usually provide this in .crt or .cer file format (e.g., mydomain.crt/mydomain.cer). View screenshot.

  • CA Chain refers to the certificate chain (intermediate certificate). It is usually provided in .ca or .ca-bundle file format (e.g., mydomain.ca/mydomain.ca-bundle). View screenshot.

Please note that these file formats and standards can vary, considering there are many SSL certificate providers with many different formats and standards. Still, if you need any help, you can always contact us via Live Chat or create a support ticket.

Finally, paste all the necessary details and hit Submit to deploy the certificate.

Tip

To view and copy your certificate file content (.crt/.cer file), you can use any text editor such as Notepad for Windows, TextEdit for Mac. Please note that you need to copy and paste the whole certificate including —–BEGIN CERTIFICATE —– & —– END CERTIFICATE —– lines.

That’s it! Your SSL certificate should be deployed in a few minutes. Please be advised that Custom SSL certificates are renewed/revoked at your concerned Certificate Authority’s end from where it was purchased. You may also see a dialog box prompting you to force HTTPS redirection if you have not forced it through the Cloudways Platform previously.

Important

If you use any Web Application Firewall (WAF) services such as Cloudflare, Sucuri, etc or if you have implemented HTTPS redirection already using any application plugin, or by modifying the .htaccess file of your application, then you do not need to force HTTPS redirection again from the Cloudways Platform to avoid your website running into redirection loops. But, if you want to force HTTPS redirection from the Cloudways Platform, then you need to disable any redirection mechanism working elsewhere first.

So, choose to Enable HTTPS or simply skip it by clicking Not Now. Please note that you can also force HTTPS redirection later as well.

Let’s move to the final step of verifying your SSL certificate to ensure that SSL certificate is configured correctly.

Scenario# 2 — I already have an SSL Certificate

Step (Ⅰ)

Now, select “I already have a certificate” from the dropdown as shown in the screenshot below. Then, click Install SSL.

Step (Ⅱ)

Now, you will be prompted to enter the CRT content and Key content.

  • Here, CRT content refers to your application SSL certificate file content. Most of the SSL vendors usually provide this in .crt or .cer file format (e.g., mydomain.crt/mydomain.cer) View screenshot.

  • You also need to concatenate your CA Chain, which refers to the certificate chain (intermediate certificate). It is usually provided in .ca or .ca-bundle file format (e.g., mydomain.ca/mydomain.ca-bundle). View screenshot. For Concatenation, you can use any text editor such as Notepad for Windows, TextEdit for Mac. View screenshot.

  • All SSL certificates require a private key to work. The private key is a separate file with an extension .KEY that’s used in the encryption/decryption of data sent between your server and the connecting users. A private key is created by the certificate owner—when you request your certificate with a Certificate Signing Request (CSR).

Please note that these file formats and standards can vary, considering there are many SSL certificate providers with many different formats and standards. Still, if you need any help, you can always contact us via Live Chat or create a support ticket.

Finally, paste all the necessary details and click Submit to deploy the certificate.

Tip

To view and copy your certificate file content (.crt/.cer file), you can use any text editor such as Notepad for Windows, TextEdit for Mac. Please note that you need to copy and paste the whole certificate including —–BEGIN CERTIFICATE —– & —– END CERTIFICATE —– lines.

That’s it! Your SSL certificate with the intermediate chain should be deployed in a few minutes. You may also see a dialog box prompting you to force HTTPS redirection if you have not forced it through the platform previously.

Important

If you use any Web Application Firewall (WAF) services such as Cloudflare, Sucuri, etc or if you have implemented HTTPS redirection already using any application plugin, or by modifying .htaccess file of your application, then you do not need to force HTTPS redirection again from the Cloudways Platform to avoid your website running into redirection loops. But, if you want to force HTTPS redirection from the Cloudways Platform, then you need to disable any redirection mechanism working elsewhere first.

So, choose to Enable HTTPS or simply skip it by clicking Not Now. Please note that you can also force HTTPS redirection later as well.

Here comes the next step of verifying your SSL certificate to ensure that everything is set up correctly.

How to Verify Your SSL Certificate

Cloudways highly recommends that you verify your SSL certificate and we have created a self-explanatory guide for it. Verification is done so you can ensure that everything is working fine. Many common issues occur if anything goes wrong during the SSL installation process. Your site visitors may also face inconvenience or may see several warnings generated by web browsers if your SSL certificate is not set up correctly.

That’s it! We hope this article was helpful. If you need any help, then feel free to search your query on Cloudways Support Center or contact us via chat (Need a Hand > Send us a Message). Alternatively, you can also create a support ticket.

Did this answer your question?