Guide to Installing SSL Certificates at Cloudways

Looking to secure your website with HTTPS? This guide will show you how to easily install an SSL certificate on your Cloudways-hosted application.

Whether you choose the free Let’s Encrypt SSL or upload a custom one, we’ll walk you through each step.

By the end, your site will be protected with a secure connection, giving your visitors confidence and improving your site’s trust and performance.

Table of Contents:

You have two options for installing an SSL certificate on your application:

After installing your SSL certificate, it’s important to check that everything is working correctly. A misconfigured certificate can cause browser warnings and may prevent visitors from accessing your site securely.

Verifying your SSL setup helps avoid common issues and ensures your website is protected with a valid, secure connection.

Q1. Does Cloudways sell SSL certificates?

No, we do not sell SSL certificates; however, you can use the Free Let’s Encrypt Certificate or buy an SSL certificate from third-party vendors and deploy it on your web application.

Q2. What is an SSL/TLS, and how does it work?

SSL or Secure Sockets Layer is an encryption-based internet security protocol. Netscape first developed this protocol in 1995 to ensure privacy, authentication, and datain internet communications. SSL is the predecessor to the modern TLS encryption used today. Read more here.

Q3. How many SSL certificates can be deployed on one application?

For now, only a single SSL certificate can be installed per application. SSL certificates are not copied when you clone your server. You will have to deploy another SSL certificate again on your new server.

Q4. What is the difference between single, multiple, and wildcard SSL?

Single-name SSL certificates protect a single sub-domain (hostname). For example, if you purchase a certificate for example.com, it will not secure my.example.com.

A SAN (Subject Alternative Name) certificate allows for multiple domain names to be protected with a single certificate. For example, you could get a certificate for example.com, and then add more SAN values to have the same certificate protect example.org, example.net, and even example.com.

A Wildcard SSL certificate allows you to secure multiple sub-domains with just one certificate. In many cases, the wildcard certificate makes more sense than a SAN (Subject Alternative Name) because it allows for unlimited sub-domains, and you don’t need to define them at the time of purchase. Read more here.

Q5. What are root and intermediate certificates?

The SSL certificate chain order consists of root certificates, intermediate certificates, and the end-user certificate. Root CAs are a trusted source of certificates. Intermediate CAs are bridges that link the end-user certificate to the root CA. An SSL certificate chain order is the list of intermediate CAs leading back to a trusted root CA.

Q6. What are CRT and Private KEY files of an SSL certificate?

CRT and KEY files represent two parts of an SSL certificate, CRT being the signed certificate and KEY being the private key to the certificate. .CRT is a file extension for a digital certificate used with a web browser. It is used to verify a secure website’s authenticity distributed by Certificate Authority (CA).

All SSL Certificates require a private key to work. The private key is a separate file with an extension .KEY that’s used in the encryption/decryption of data sent between your server and the connecting users. A private key is created by the certificate owner—when you request your certificate with a Certificate Signing Request (CSR). Read more here.

Q7. What is CSR?

CSR refers to Certificate Signing Request, and it is a small file in which you provide information about the certificate to be created. CSR is required by the Certification Authority or SSL vendor to sign the certificate file when you are purchasing the custom SSL certificate.

Q8. What happens when you install another SSL certificate over your current SSL certificate?

Your new SSL certificate will overwrite the existing one.

Q9. When does Let’s Encrypt SSL Certificate expire?

Let’s Encrypt SSL Certificate expires in 90 days which you can either set the instructions of renewing it automatically, or you can do an on-demand renewal of the SSL certificate via Cloudways Platform when you are close to the expiry date. Learn about the renewal procedure here.

These limitations are set by Let’s Encrypt itself. Read more about Let’s Encrypt limitations here.

Q10. Do I need to integrate CloudwaysCDN again after renewing the SSL certificate?

If you use CloudwaysCDN, then you don’t need to remove your CDN and integrate it again instead simply contact us via LiveChat or open a support ticket so we can update your new certificate at our end. If you use any other CDN besides CloudwaysCDN, you should check with their support to get your certificate updated.

Q11. Which web applications are compatible with the Let’s Encrypt SSL Certificate?

Before installing Let’s Encrypt SSL on your website, it is important to check if your web application requires any changes or not. Read more here.

Q12. How to force HTTPS redirection?

Forcing HTTPS redirection at Cloudways is effortless as now you can enable HTTPS redirection on your Cloudways Platform so Click Here to read more.

Q13. How to make the website more secure after installing the SSL certificate?

We recommend a few best practices which you can follow to enhance your website security, and here is a comprehensive guide to learn more.

Q14. How to update the TLS version?

You can easily update the TLS version using the Cloudways Platform. Check this guide to see how.

That’s it! We hope this article was helpful.

If you need assistance, feel free to:

We're here 24/7 to help you!