How to install an SSL certificate on a VPS

If you want to boost the legitimacy and trustworthiness of your website while improving SEO rankings, you need to install an SSL (Secure Sockets Layer) certificate. Having an SSL certificate will enhance the security of your website and protect customer data, encouraging them to trust your website again and again in the future.

Thanks to their many benefits, SSL certificates are widespread – 84% of all websites now use SSL as part of their security. Plus, you can easily purchase an SSL certificate from various certificate authorities. All you need to do is choose a certificate authority, such as Comodo or Sectigo, and generate a certificate signing request (CSR) before purchasing your SSL from their website. Or, you can choose a web hosting provider like us that offers free SSL certificates as standard.

But what do you do next? Keep reading to discover more about SSL certificates, including how to install them with Apache, cPanel, Webmin, WHM and Plesk on your virtual private server (VPS).

What is an SSL certificate and why is it important?

If you’re using a VPS to host your website, you’re probably well aware of the importance of security. VPS hosting provides superior server security by ensuring a greater level of privacy and separation between you and other tenants on the server, but this isn’t enough to guarantee complete data protection on any websites you host. 

If your site experiences a data breach, your customers’ data could be compromised. However, by installing an SSL (Secure Sockets Layer) certificate, you can provide a secure, encrypted connection between your website and the user’s web browser, preventing hackers from intercepting the transmission of data. 

This is especially important for ecommerce websites, as users will be typing in their banking details. Even if hackers managed to intercept this data, it would be encrypted by the SSL certificate, which means that your customers’ sensitive data would be safe.

Improving trust

By enhancing the security of your website, an SSL certificate will also boost its trustworthiness and legitimacy, making it more likely for people to visit it. The presence of an SSL certificate is shown by the use of ‘https://’ at the beginning of the URL rather than just ‘http://’, in addition to a padlock icon in the address bar. These are important signals to internet users, who would much rather click on a secure website where they know their data is safe.

Plus, Google announced in 2014 that SSL certificates are a factor in search rankings. SSL certificates are a powerful signal of a website’s trustworthiness, which is why they can boost your site’s ranking in search engine results. Websites without an SSL certificate are unlikely to be ranked highly and endorsed by Google. In fact, when visiting a site without one, Google will display a warning message to visitors - not a good look!

To learn more about this topic, read our in-depth article on SSL certificates and their benefits.

Installing an SSL certificate in Apache

For these guides, we’ll assume that you’ve already purchased and downloaded your SSL certificate from a certificate authority. The next step is to simply install it on your VPS.

First, let’s look at how you can install your SSL certificate if your VPS is running on Apache, which is the most widely used web server software.

1. Download your certificate 

When purchasing an SSL certificate from a certificate authority, you’ll first need to generate a certificate signing request (CSR) – learn more about this process in our helpful CSR guide. During a CSR, your computer will generate public and private keys, which are needed to encrypt data transmitted between you and your customers, and it will also record information about your organisation. You’ll then send this CSR information to your chosen certificate authority so that they can sign your new SSL certificate.

Once your SSL certificate is signed and purchased, you’ll need to download it. Your certificate authority should have sent you an email containing your certificate files, which will be found between the ‘BEGIN CERTIFICATE’ and ‘END CERTIFICATE’ lines. Change this to a .CRT file before importing it.

2. Create a folder

Next, you need to create a folder for all of your certificate files. This folder should be located in the home directory of your VPS operating system (OS).

You may already have a default folder for storing SSL certificates. This could be a folder called /etc/ssl/certs if you’re using a Debian or Ubuntu server, or the folder may be called /etc/pki/tls/certs if you’re using a CentOS server. In any case, you should upload all SSL files to a folder called something like /etc/ssl/.

3. Save files

When uploading your certificate files to your newly created folder, make sure you have the following three important files:

  • certificate.key
  • certificate.crt
  • cabundle.crt

If you don’t have these files, contact the certificate authority you purchased your SSL certificate from.

4. Edit the default configuration file

There should be a default configuration file (.conf) you need to edit. Open the configuration file for your domain with a text editor, or use the following command on a Linux VPS:

sudo nano /etc/apache2/sites-available/default-ssl.conf

Between the ‘Virtual Host’ tags in the configuration file (you should see a tag like this: <VirtualHost _default_:443>), add the following text:

ServerName domain.tld

SSLCertificateFile /etc/ssl/domain.tld.crt

SSLCertificateKeyFile /etc/ssl/domain.tld.key

SSLCertificateChainFile /etc/ssl/domain.tld.ca-bundle

For the last three lines, make sure you edit the file path to the correct location of your uploaded certificate files. Save your changes and exit.

5. Restart Apache

Once these changes are made, you need to restart Apache for them to take effect. The following command is used to restart the Apache software:

sudo systemctl restart apache2

6. Test

Finally, you need to test your server to see if the changes have taken effect and your SSL certificate has been properly installed. Force an SSL connection to your website by connecting to it using ‘https://’. If you see a padlock icon, your Apache SSL certificate has been installed.

Alternatively, you can test your certificate by entering the following command: 

apachectl configtest

If you get an error message, you may need to enable ‘mod_ssl' for Apache. You can enable it with the following command:

a2enmod ssl

systemctl restart apache2

Once everything is properly configured, you should see a message that says ‘Syntax OK’. Your Apache SSL certificate has now been successfully installed!

Installing an SSL certificate in Plesk

Installing your SSL certificate in Plesk is also super simple. If you’re using the Power User interface, head over to ‘Websites & Domains’ menu, and then locate the right domain name and click ‘SSL/TLS Certificates’. Then, click ‘Add SSL/TLS Certificate’ and either upload your files or type the information into the correct boxes. Finally, click ‘Upload Certificate’ to complete the installation.

If you’re using the Service Provider interface, the process is very similar. You’ll need to head over to the ‘Domains’ menu, click the right domain name, and then click the link for SSL/TLS. From here, you can click ‘Add SSL/TLS Certificate’ and add the SSL information you received from your certificate authority. When you’re done, click on ‘Upload Certificate’ to complete the installation.

For both methods, you’ll need to enable the SSL certificate for your website once it’s uploaded. To do this, you’ll need to go to the Websites & Domains/Domains menu and click on ‘Hosting Settings’ for your website. Then, click on ‘Security’, ‘Certificate’ and the correct certificate name for your site from the dropdown menu. Enable your SSL certificate by selecting ‘OK’.

Installing an SSL certificate in cPanel

Next, let’s quickly go through some other installation processes for popular types of server software. Here’s how you can install your SSL certificate in cPanel.

1. Log into cPanel

First, log into your cPanel account. In the security section, you’ll find icons for ‘SSL/TLS’ and ‘Lets Encrypt SSL’. If you’d like to install a free SSL certificate (which will be active for 90 days before you need to renew it), click on the second option and then click on ‘Issue’ in front of your domain name. Choose the http-01 validation method and then click on ‘Issue’ again. You should then see a notification that a Let’s Encrypt SSL certificate has been successfully installed.

2. Manage SSL sites

If you’ve already purchased an SSL certificate from another certificate authority, click on the ‘SSL/TLS’ icon. In the following menu, scroll down to ‘Install and Manage SSL for your website (HTTPS)’ and click on the ‘Manage SSL sites’ option.

3. Copy SSL certificate code

Go to the email you received from your chosen certificate authority – this should contain your certificate code and files. Copy all of the certificate code – including the ‘BEGIN CERTIFICATE’ and ‘END CERTIFICATE’ lines – and paste it into the Certificate: (CRT) field on your cPanel menu. 

Click on the ‘Autofill by Certificate' button, which should appear next to the Certificate: (CRT) field. The system should then retrieve your domain name and private key. If this doesn’t work, you can manually select your domain from the dropdown menu and enter your private key into the private key field.

Finally, you should copy and paste the chain of intermediate certificates (CA bundle) into the Certificate Authority Bundle (CABUNDLE) field. Then, all that’s left to do is to click on the ‘Install Certificate’ button.

Installing an SSL certificate in Webmin

If you’re interested in a Let’s Encrypt SSL certificate, you can also request and install one directly through Webmin. All you need to do is make sure SSL is enabled (in the ‘Enabled features’ section in the Virtualmin tab) and then head over to the Server Configuration tab. Then, you should click on ‘SSL Certificate’ and ‘Let’s Encrypt’ – you can request an SSL certificate here. 

Alternatively, if you’ve already purchased an SSL certificate, here’s how you can install it if you use Webmin as your VPS operating system.

1. Download certificate files

The first step is to download your SSL certificate files from the email you received from your certificate authority. Copy these .crt files and your private key over to your Webmin server.

2. Edit your miniserv.pem file

You should find a miniserv.pem file in your /etc/webmin folder. Before editing this file, create a backup copy.

Next, build a replacement miniserv.pem file with your private key and primary certificate by running the following command:

cat private.key yourcommonname.crt > new_miniserv.pem

Make sure you change ‘private.key’ and ‘yourcommonname’ to the file names of your private key and SSL certificate. Once this is complete, save your changes and restart your Webmin server. Your SSL certificate should now be fully installed.

Installing an SSL certificate in WHM

The process of installing an SSL certificate on WHM (WebHost Manager) is very simple. All you need to do is log into WHM as a root user, using the root password. Then, you need to go to the search box and type in ‘install an SSL certificate’. You should see a result called ‘Install an SSL Certificate on a Domain’ – click on this link.

On this page, you should enter your domain and paste the certificate, key and certificate authority bundle information into the correct fields. You can find this information in the email you received from the certificate authority. Then, just click on the ‘Install’ button at the bottom – your SSL certificate should be ready to go!


Instead of having to purchase and install an SSL certificate yourself, you can choose a web hosting company that provides SSL certificates as an add-on with your VPS hosting plan. Get SSL certificates, full root access, 24/7 support and more with Fasthosts VPS hosting – contact us today to discover more.