SSL Certificates.

Free and upgraded SSL certificates

SSL security, explained in plain English

Every Web Host Pro web hosting account includes a free SSL certificate through cPanel AutoSSL for most standard websites. It automatically installs and renews in the background so your site can run on HTTPS without extra work. If you need a specific certificate type (like a wildcard, multi domain, or higher assurance option), you can purchase one from our SSL store and install it in cPanel.

Included free SSL: Website Builder plans, shared web hosting, reseller hosting, and any cPanel managed VPS or dedicated server.
Paid SSL options: Wildcard and advanced certificates for special requirements, multiple hostnames, or business needs.



What SSL does (and what it is today)

Modern “SSL” is shorthand for TLS, the security technology that powers HTTPS. It does three important things:

  1. Encrypts data between your visitor and your website (login forms, contact forms, checkout, and browsing activity).
  2. Prevents tampering by detecting changes in transit.
  3. Helps confirm identity so visitors know they are connected to the right site.

HTTPS is now the baseline expectation for trust, conversions, and modern browser compatibility.

Who needs SSL?

All websites should use HTTPS. It is required for secure logins, contact forms, payments, and most modern browser features. It also reduces “Not Secure” warnings and supports better user trust.

Free SSL vs paid SSL

Free AutoSSL (included)

  • Best for most standard websites
  • Automatic install and renew (where supported)
  • Works for typical single domain setups

Paid SSL (recommended for special needs)

  • Wildcard certificates for unlimited subdomains
  • Multi domain certificates (SAN) for multiple domains
  • Business and higher assurance options when needed

Using Cloudflare or another proxy

If you use Cloudflare (or any reverse proxy/WAF), certificate issuance can require one extra step because validation must reach your origin server. In many cases you can temporarily set the DNS record to DNS-only (grey cloud) during validation, then switch it back after the certificate is active. If you need help, our support team can walk you through the quickest option for your setup.

How to tell a page is secure

  • The address starts with https://
  • You see a padlock icon in the browser address bar
  • You can click the padlock to view certificate details

CSR basics (for paid certificates)

A CSR (Certificate Signing Request) is generated by your server and submitted to the Certificate Authority to issue a certificate. It contains your domain name and public key, plus organization details for certain certificate types.

  • Common Name (CN): the primary hostname (example: example.com)
  • SANs: additional hostnames covered by the certificate (example: www.example.com)
  • Private Key: stays on your server and must be kept secret

Tip: Do not password-protect the private key if your server software cannot load it automatically.

Troubleshooting

My certificate is active but I still see “Not Secure.”
This is usually caused by mixed content (a page loading images, scripts, or CSS over http). Update those URLs to https and clear caches/CDN.

The padlock is missing on some pages.
Check for mixed content, redirects, and cached assets. Also confirm your site forces HTTPS (one redirect rule only, not multiple competing redirects).

I use Cloudflare and AutoSSL fails validation.
Temporarily switch the DNS record to DNS-only during validation, then revert to proxied mode after issuance.

Keep your private key secure

Your private key is the most sensitive part of SSL. Do not email it, store it in shared folders, or place it on public systems. If you believe it has been exposed, you should replace the certificate and rotate the key immediately.