To use an SSL from another company, you will need to complete the following steps:
- Request a CSR to be generated.
- Purchase your SSL certificate. The issuing company will need the CSR you received from HostGator.
- Submit a request to HostGator to install the certificate, and we will let you know when it is completed.
Note: If you are not a reseller, leave the reseller fields blank. The other fields should contain information specific to the domain receiving the SSL.
(For a more detailed explanation of the entire process, please see below. )
What We Need Before Installing the Certificate
Our cPanel servers are compatible with WHM/cPanel certificates (alternatively you may use Apache + Mod_SSL certificates). When you order a new SSL certificate, you will need to know this information.
The SSL installation form asks for some of the following information, which is needed for installing the SSL Certificate:
- The SSL Certificate field is for the main certificate file. This will be provided by the company issuing the SSL certificate.
- The SSL CA Certificate (Trusted Authority) is also known as the CA Bundle or Cert Bundle; this is optional only if your certificate company does not provide a bundle.
- The RSA Private Key field is for the RSA key we sent when you requested a CSR; please check your email for that code.
There is a $10 charge for HostGator to install SSL certificates.
- Shared or Reseller users cannot install a certificate on their own
- VPS or unmanaged Dedicated Server users may install certificates on their own or pay HostGator to install it for you
- Managed Dedicated Servers can have HostGator install SSLs free of charge
When renewing an SSL, a new certificate must be installed; this requires a $10 fee for HostGator to install the new certificate. For fewer installations, consider purchasing a certificate that covers a 2 or 3 year term.
To assist in understanding the process of installing a third-party SSL certificate, we have outlined the steps to be taken by yourself, HostGator and the certificate issuer. If you are a more visual person, then the flow chart below may help your understanding.
- Fill out the Certificate Signing Request Form (CSR).
Please note that all information on the CSR page MUST match the WHOIS information for that domain; otherwise the SSL will not be issued.
- HostGator will email you the CSR and RSA Key that you will need for the following steps. Please keep this e-mail; without the information contained within, the following steps cannot be completed.
- Purchase your SSL certificate (if you haven't already) and send the certificate issuer the CSR we sent you in step 2. (The certificate issuer does not need nor want the RSA Key.)
- The certificate issuer will generate and return an SSL Certificate as well as an SSL CA Certificate (Trusted Authority) (sometimes called a "CA Bundle"). These two pieces of information will be encrypted text documents. Typically, they will be provided via email as compressed (zipped) attachments.
- Now that you have the SSL certificate and the SSL CA certificate, you are ready to fill out the SSL installation form. When you received the results for your CSR form, we provided you with the RSA Private Key to submit on the installation form. Once you complete this form, click Submit to complete your request.
- Pay the HostGator invoice for installing the SSL Certificate. (Installation is free if you have a managed Dedicated Server; $10 otherwise.)
Once these steps have been completed, we will install your SSL Certificate.
For those who prefer a more visual approach, this flow chart may help you envision the process of purchasing a third-party SSL Certificate.
If you do not wish to be the middleman between the certificate issuer and HostGator, you may purchase an SSL certificate directly from us, and we will take care of most of the necessary steps for you.
The CSR is only required for issuing a new certificate. If you are renewing your certificate or if your certificate is expired, then you will need a new CSR since you will be issued a new certificate with a new expiration date.
Matching RSA Key
If you already have an SSL certificate and its matching RSA key, you may proceed directly to the installation form. If you do not know whether your RSA and Certificate match, please check using this tool before submitting them: https://www.sslshopper.com/certificate-key-matcher.html
If for any reason your certificate does NOT match your RSA key or if you never received an RSA key, you will need to obtain a matching pair. The easiest way to do this is to request a new CSR, then have the certificate reissued with the new CSR as explained in the instructions above.
The CA bundle is not necessary if your certificate is "browser recognized," but it is perfectly fine to provide it anyway. It can also be corrected later if we discover that the certificate won't work correctly without the CA bundle.