Installing SSL Certificates and Shared SSL

To secure your domain with an SSL certificate you can either use one you already have, use a temporary certificate,  or purchase a permanent certificate. Here are the instructions for these options.

Using the Key and Certificate You Already Have

SSL requires a dedicated IP, because name-based hosting does not support data encryption in HTTP requests. To enable SSL, do the following in your End User CP:

  1. Select Domain info in the Domain Settings menu.
     
  2. Click the Edit icon in the Web Service field.
     
  3. Enable SSL for the domain in the list.
     
  4. Enter the SSL Server Private Key and SSL Certificate in the boxes that appear.
     
  5. In the Site Name field, choose whether you want to secure with or without the www prefix. Only one option will work correctly. For instance, if you choose to secure http://www.domain.com, your visitors will get security warnings when they go to http://domain.com.
     
  6. Click Submit. Now your site is secured.

 Creating a Temporary Certificate

The only difference between temporary and permanent certificates is that temporary certificates are generated by your control panel, not trusted Certificate Authorities. Thus, when visitors enter your site, they will get the "unknown certification authority" warning window.

To generate a new temporary SSL private key and certificate, do the following:

  1. Select Domain info in the Domain Settings menu.
     
  2. Click the Edit icon in the Web Service field.
     
  3. Enable SSL for the domain in the list.
     
  4. Click the link at the top of the form that appears.
     
  5. On the page that appears, confirm your details by clicking the Submit button.

    This data will be used to generate the certificate. Don't make changes to the data if you are not sure about the purpose of these changes.
     

  6. Follow instructions that appear at the top of the next page.
     
    • SSL Certificate Signing request. It includes the details that you submitted on the previous step. Use this request if you want to get a permanent SSL certificate from a trusted Certificate Authority, such as Thawte and VeriSign (see below).
       
    • SSL Server Private Key. This is the secret key to decrypt messages from your visitors. It must be stored in a secure place where it is inaccessible to others. Don't lose this key, you will need it if you get a permanent certificate.
       
    • Temporary SSL Certificate. It validates your identity and confirms the public key to assure the visitors that they are communicating with your server, not any other party.

 Acquiring a Permanent Certificate

To get a permanent certificate, do the following:

  1. Generate a temporary SSL certificate (see above).
     
  2. Copy the certificate signing request (CSR) and private key for later use.
     
  3. Go to Thawte, VeriSign, Geotrust, InstantSSL.com, or any other Certificate Authority and order a new certificate. When requested, enter the signing request that you have saved.
     
  4. After the permanent SSL Certificate has been generated, save it to a secure location.
     
  5. In our End User CP, select Domain info in the Domain Settings menu.
     
  6. Go to the Web Service page and click the Edit icon in the SSL field.
     
  7. Enter the certificate into the upper box of the form that opens and click Upload:

    Note: For Equifax, also enter the certificate authority file; for COMODO.NET, also enter the rootchain certificate (Certificate Chain File).
     

  8. Now you can use the certificate jointly with the private key you have saved.

 Renewing Permanent Certificates

If your certificate is about to expire, do the following:

  1. Find the certificate signing request (CSR) that you saved when acquiring the old certificate.
     
  2. Go to your certificate authority and choose to renew the certificate. When requested, enter the CSR.
     
  3. After the permanent SSL Certificate has been generated, save it to a secure location.
     
  4. Select Domain info in the Domain Settings menu.
     
  5. Go to the Web Service page and click the Edit icon in the SSL field.
     
  6. Enter the certificate into the upper box of the form that opens ("Install Certificate based on previously generated Certificate request"):

    Note: For Equifax, also enter the certificate authority file; for COMODO.NET, also enter the rootchain certificate (Certificate Chain File).
     

  7. Click Submit.
     
  8. Now you can use the certificate jointly with the private key you have saved.

Installing Shared SSL Certificates

If you would like to allow your customers to "share" your SSL certificate then you will need to purchase a "wildcard" certificate from