Knowledge Base

Home » Knowledge Base » Security » SSL » Here

How to install a self-signed SSL certificate

This article describes how to generate and install a self-signed SSL certificate.

Most Webhost.Berlin servers support Server Name Indication (SNI), which means SSL certificates do not require a dedicated IP address to work correctly. However, to ensure complete compatibility, you should consider purchasing a dedicated IP address. For more information about SNI support at Webhost.Berlin, please see this article.

Installing a self-signed SSL certificate

You can install a self-signed SSL certificate on your Webhost.Berlin account for testing and development purposes. To do this, you create a private key and digitally sign your own SSL certificate in cPanel.

Users receive warning messages in their browser when they try to access a web site secured by a self-signed certificate. This is because you, and not a trusted Certificate Authority, have signed the certificate. You should not use a self-signed certificate in a production environment or to transfer sensitive information (such as customer data). Let's Encrypt certificates are readily available for most cPanel accounts and are a trusted Certificate Authority in most browsers. You can learn more about Let's Encrypt certificates by reading this article.

To create and install a self-signed SSL certificate, follow these steps:

  1. Log in to cPanel.
    If you do not know how to log in to your cPanel account, please see this article.
  2. In the Security section of the cPanel home screen, click SSL/TLS Manager.
  3. Under Private Keys (KEY), click Generate, view, upload, or delete your private keys. The Private Keys page appears.
  4. Under Generate a New Private Key, confirm that the Key Size is set to 2,048 bits.
  5. In the Description text box, type a descriptive name for the key, such as Self-signed cert key.
  6. Click Generate. cPanel generates and displays the private key.
  7. Click Return to SSL Manager.
  8. From the SSL/TLS Manager page, under Certificates (CRT), click Generate, view, upload, or delete SSL certificates. The Certificates page appears.
  9. Under Generate a New Certificate, in the Key list box, select the description for the private key you generated in step 6.
  10. In the Domains text box, type the domain that you want to secure with the self-signed certificate, such as test.example.com.
  11. Complete the remaining fields for the certificate.
    Make sure you use the correct two-letter country code (for example, US or FR). For a complete list of these codes, please visit http://www.iso.org/iso/country_codes/iso_3166_code_lists/country_names_and_code_elements.htm.
  12. Click Generate. cPanel generates and displays the self-signed certificate.
  13. Click Return to SSL Manager.
  14. From the SSL/TLS Manager page, under Install and Manage SSL for your site (HTTPS), click Manage SSL sites. The Manage SSL Hosts page appears.
  15. Under Install an SSL Website, click Browse Certificates, select the certificate you generated in step 12, and then click Use Certificate. cPanel fills in the Certificate (CRT) and Private Key (KEY) fields automatically.
    Because this is a self-signed certificate, the Certificate Authority Bundle (CABUNDLE) field remains blank.
  16. In the Domain list box, select the domain you want to secure with the certificate.
  17. Click Install Certificate. cPanel installs the certificate on the server and enables SSL. When the process is complete, you receive an SSL Host Successfully Installed message.
  18. Click
    . You can now securely access the specified domain by using the https:// prefix in a web browser, but you will receive a warning message about the self-signed certificate.
HOSTING
FEATURES
SERVICES
SUPPORT
COMPANY