Installing an SSL certificate in cPanel is easy! Best of all, it's free with Brixly!
Important: Installing a certificate does will not force your browsers to visit the site via https:// – to do this, you would need to see our ‘How to force your site to use SSL (https) using cPanel’ guide.
Automatic SSL Certificates with AutoSSL
The process of installing SSL’s has been simplified, in most cases requiring no interaction on your part. The purpose of AutoSSL is that we will as a provider automatically check for SSL’s which are expiring, and will automatically replace those SSL’s, ensuring your sites remain secure.
If you are unable to wait for the SSL process to complete, you are also able to install an SSL certificate manually with just a single click...
cPanel -> SSL / TLS Status -> Run AutoSSL
Please note: SSL Certificates installed through AutoSSL are powered by Sectigo, which provides you with full 256-bit encryption. Sectigo is suitable for almost all sites domains, however, Sectigo does have certain restrictions and limitations in the types of SSL certificates that can be installed (see below for more information, and for more information on installing a certificate provided by LetsEncrypt as an alternative).
Free SSL Certificates are issued for 90 days, however, they are automatically renewed a few days prior to expiry, and take just a few minutes in most cases to be issued (however, in some cases it's possible that SSL issuance may take longer). As such, free SSL certificates provided by Brixly essentially 'do not expire', and are free for the lifetime of the account.
Unfortunately, citizens from the countries listed below cannot obtain any Sectigo SSL certificates due to US Export restriction laws:
- Afghanistan
- Cuba
- Eritrea
- Guinea
- Iran
- Liberia
- North Korea
- North Cyprus
- Sudan
- Sierra Leone
- South Sudan
- Syria
- Zimbabwe
However, if you do require SSL coverage for these domains / TLD's, then you are able to install an SSL certificate via LetsEncrypt, which does not have the same exclusions.
LetsEncrypt Certificates
As outlined above, Sectigo SSL certificates offer optimal coverage, completely automatically and free of charge. In addition, they also do not 'rate limit' requests, making it an ideal solution for us as shared hosting providers.
LetsEncrypt however, also offers you additional functionality, such as the ability to support wildcard coverage, and also supports redirection tracing which can be simpler for some sites hosted behind Cloudflare, or other CDNs / proxy services. Also, Sectigo does restrict certain regions from issuance entirely, as outlined above.
If your use-case/scenario requires a LetsEncrypt SSL certificate, then we now provide you the ability to install a free LetsEncrypt SSL certificate from within cPanel...
cPanel -> Let's Encrypt™ SSL
The first section will list all of your domains that have “Let’s Encrypt™” certificates issued, their expiry, and options to remove, reinstall and view them:
The second section will list all of the domains configured in your account that are eligible to have a certificate issued. Please note, redirected domains are unable to have a certificate issued.
Prerequisites
There are two important prerequisites to be met in order for a certificate to be able to issue:
- The domain name(s) you want to be signed must be pointing to this cPanel server already
- The Let’s Encrypt™ CA must be able to visit http://your-domain/.well-known/acme-challenge/xxx successfully.
These directories/files will be created automatically, but you should take care that you do not have any .htaccess rules that prevent access.
Most users will fulfill these requirements automatically.
Issuing Process
First, click the + Issue button to the right of the domain you wish to issue a certificate for. Please note, any you will be able to select any extra domains to include on the certificate in the next screen.
Ensure that all of the domains you wish to include in this certificate are selected as included and click ‘Issue’. The process may take anywhere from 10 to 45 seconds, so do not navigate away from the page.
At completion, the keys and certificates should be installed on the server, with a success message:
Certificate renewal is automatic in the background.
Your certificate will be attempted to be renewed every day from the point it is 30 days from expiring.
The prerequisites listed above for issuing must still be met during the renewal attempts, or the attempts will fail.
Compare LetsEncrypt vs Sectigo
Both solutions in their own right, are fantastic. However, each has unique benefits over the other, which is why we now offer both solutions.
As outlined above, Sectigo SSL certificates offer optimal coverage, completely automatically and free of charge. In addition, they also do not 'rate limit' requests, making it an ideal solution for us as shared hosting providers.
LetsEncrypt however, also offers you additional functionality, such as the ability to support wildcard coverage, and also supports redirection tracing.