In order to activate an SSL certificate it is required to submit a CSR (Certificate Signing Request) on our website. The CSR is a block of code with encrypted information about your company and domain name.
To generate the CSR in WHM you need to:
- Log in to your WHM account
- Find option ‘Generate an SSL Certificate and Signing Request’
- On the new page you will be requested to provide the information required for CSR generation.
!Note: If you check the first box and enter your email address, the keys will be sent to the provided address after generation.
- Key Size. Usually there are two options: 2048 and 4096. You can choose any of them. 2048 key size is considered secure nowadays, but if you wish to have a higher security level, 4096 key size is preferable. However, every doubling of key size slows down establishment of SSL/TLS session by 6-7 times. Additionally, a bigger key size increases load on your server’s CPU.
Important: It is mandatory to use only alphanumeric characters. Otherwise, there is a possibility that a Certificate Authority will reject the CSR and certificate activation will fail.
All the fields (except for the ‘passphrase’) must be filled in.
- Domains. Here you should put the domain name you wish to secure. In case SSL should be issued for a subdomain, it is required to specify a domain’s subdomain as ‘sub1.yourdomain.com’. If you have a wildcard certificate, please put an asterisk with a dot in front of the domain name as ‘*.yourdomain.com’.
If you have a certificate with domain validation, it is not mandatory to specify Company Name and Company Division fields. However, do not leave the fields blank, just put there ‘NA’ instead.
- Once you fill the required information in, click on “Create”.
On the prompted page you will see three blocks of code.
- Signing Request. Actually it is your CSR that you should submit during SSL activation on our website.
- Certificate. It’s a self-signed certificate issued for your domain name which will be not used further. Eventually you will receive a trusted certificate issued for your domain name.
- Private Key. The key that will be used for decoding during SSL/TLS handshake once the certificate is installed. Make sure that you save it properly as the Private Key will be required for installation of the certificate on the server.