SSL certificates come in all sorts of price ranges. For commerce sites and other websites where you want strong encryption when dealing with sensitive information, they are a must addition. However, there may come a time when you want encryption on your website just for administrator logging in to zones like the Drupal administrator, cpanel or Web Host Manager. In this case where you may feel a commercial SSL certificate could be overkill, there is always the option to setup a self-signed SSL certificate with Web Host Manager, SSH shell or SecureFTP / SSH.
With WHM, the procedure is as follows:
- Open up WHM with your VPS or dedicated server
- Look for SSL and select Generate a SSL certificate and signing request
- Fill in the required fields
- Save the data or use it from the email response
- Select Install a SSL certificate and setup the domain
- All fields will be filled in except ‘nobody’ for username
- Select Submit
- You will get a successful or unsuccessful message. Upon success, Apache restarts. If it is unsuccessful, the username may have been incorrect.
The new self-signed certificate can be used for incoming / outgoing email, logging into WHM and Cpanel. To make a self-signed certificate for a particular website, the website needs a dedicated IP address and it should have its own Cpanel account created in WHM. Then, the previous installation and setup steps can be used to have a SSL that will work on that site, Cpanel, and incoming / outgoing email servers.
The annoyance of a self-signed certificate is that you must follow steps to use it when typing https into the browser or sending email. You will have to accept it on each browser and perhaps on various occasions. One advantage to using self-signed SSL is that you can use a different port to access Cpanel and WHM rather than that from the unsecure url. One disadvantage of a self-signed SSL is that it may not work on each browser; such as Google Chrome. But, it should work each and every time with Firefox.