Free cPanel-signed hostname certificate
As part of the introduction of this feature, cPanel offers valid cPanel & WHM license holders a free cPanel-signed hostname certificate for your server's services. This replaces the certificates for these services that meet any of the following conditions:
- Has a weak signature algorithm. — New in version 56
- Revoked. — New in version 56
- Self-signed.
- Invalid (For example, your server's hostname must be valid and resolve in DNS).
- Expires in less than one week.
Note:
Comodo™ cross-signs these cPanel-signed certificates for additional security.
Your server will automatically order the free signed certificate when the server runs the /usr/local/cpanel/bin/checkallsslcerts tool as part of the upcp maintenance script and connects to the license server. The server will download and install the certificate when it is available.
When that signed certificate is less than seven days from expiration, your server will automatically order a replacement free signed certificate. The server will download and install the certificate when it is available. Otherwise, if the signed certificate expires, the server will install a self-signed certificate, and then replace that certificate with the free signed certificate when it is ready.
If you wish to replace your services certificate with one from another provider, use WHM's
Manage Service SSL Certificates interface (
Home >> Service Configuration >> Manage Service SSL Certificates).
Important:
- Your server's hostname must be valid and resolve in DNS.
- Your server must have a valid cPanel & WHM license.
- This system will only replace self-signed or expired certificates. It will not replace an existing valid certificate from a certificate authority.
Important:
You can disable the free cPanel-signed hostname certificate. You can configure this setting in Manage2's
Update Company Information interface (
Dashboard >> Company >> Update Company Information).
