SSL Settings for cPanel

Overview

Proper SSL configuration is crucial for secure server operations. This guide covers SSL settings and best practices for cPanel servers using RC Licensing System.

SSL Certificate Management

Installing SSL Certificates

cPanel provides multiple ways to install SSL certificates:

• AutoSSL: Automatic SSL certificate installation and renewal
• Let's Encrypt: Free SSL certificates with automatic renewal
• Commercial Certificates: Third-party SSL certificate providers
• Self-Signed Certificates: For testing purposes only

AutoSSL Configuration

AutoSSL is the recommended method for automatic SSL certificate management. It automatically installs and renews certificates for your domains.

Enabling AutoSSL:

1. Log in to cPanel
2. Navigate to SSL/TLS Manager
3. Click on "Manage AutoSSL"
4. Select your preferred certificate provider
5. Enable AutoSSL for your domains

FleetSSL

FleetSSL comes free with your cPanel license and provides advanced SSL management features.

Activating FleetSSL

To activate FleetSSL on your server, run:

ZCP -fleetssl

FleetSSL Benefits

• Automatic SSL certificate installation
• Multi-domain certificate support
• Automatic certificate renewal
• Integrated with cPanel

SSL/TLS Best Practices

Security Recommendations

• Always use HTTPS for all connections
• Keep SSL certificates up to date
• Use strong encryption protocols (TLS 1.2 or higher)
• Disable older SSL/TLS versions (SSL 3.0, TLS 1.0, TLS 1.1)
• Regularly monitor certificate expiration dates

Cipher Suite Configuration

Configure strong cipher suites in your Apache configuration:

SSLProtocol TLSv1.2 TLSv1.3
SSLCipherSuite HIGH:!aNULL:!MD5
SSLHonorCipherOrder on

Troubleshooting SSL Issues

Certificate Installation Failed

If certificate installation fails:

• Verify domain ownership
• Check DNS records are properly configured
• Ensure port 80 and 443 are accessible
• Review cPanel error logs

Certificate Expiration Warnings

If you receive certificate expiration warnings:

• Log in to cPanel
• Navigate to SSL/TLS Manager
• Check certificate expiration dates
• Renew certificates before expiration

Mixed Content Warnings

Mixed content warnings occur when HTTPS pages load HTTP resources:

• Update all resource URLs to use HTTPS
• Use relative URLs when possible
• Configure automatic HTTPS redirects

Updating SSL Certificates

To update your cPanel license and SSL settings, run:

ZCP

Additional Resources

• Security TIPS for cPanel
• Installation Guide
• cPanel Official Documentation