Skip to main content

How to Install Custom SSL Certificate on Your Application

Install a custom SSL on Cloudways using CRT, KEY, and CA bundle. Secure your site with HTTPS and verify SSL in easy steps.

Written by Syed Abuzar Mehdi
Updated over 9 months ago

To keep your website secure and show visitors that their connection is safe, you can install a custom SSL certificate on your application hosted on Cloudways.

This guide walks you through the simple steps to upload and install an SSL certificate you’ve purchased from any trusted Certificate Authority (CA), such as DigiCert, Namecheap, or Comodo.

You’ll also learn how to enable HTTPS redirection and verify that your SSL is working correctly.

Table of Contents:

How to Install Custom SSL Certificate?

Cloudways lets you install an SSL certificate purchased from any Certificate Authority (CA).

This guide covers the steps to upload and install a custom SSL on your Cloudways-hosted site. You can also check our article on what SSL is and why it matters.

Important: If you're using integrated Cloudflare Enterprise, SSL is managed directly through Cloudflare, so installing an additional certificate on the Cloudways server isn’t required. However, you can still install a custom SSL on the origin server for added security or specific needs. If you're not on Cloudflare Enterprise, using a Cloudflare Origin Certificate is a good option to secure traffic and hide your server’s IP address.

Installing a custom SSL certificate on Cloudways is simple. Just follow the steps below.

Keep in mind that only one SSL certificate can be active per application—adding a new one will replace the existing certificate.

Tip:

If you don’t need a custom SSL, you can quickly install a Free Let's Encrypt SSL Certificate on your website directly from the Cloudways Platform.

Prerequisites

  • Your website should be live. It means that domains are mapped correctly, and DNS records are correctly pointed.

  • See if your web application is compatible.

  • You have purchased SSL certificate from any Certificate Authority (CA) or vendor such as DigiCert, Namecheap, Comodo, etc.

Step #1 — Navigate to SSL Management:

Log in to the Cloudways Platform using your email address and password.

  1. From the top menu bar, click Servers.

  2. Then, choose your target server where your desired application is deployed.

  3. Next, click www.

  4. Select your application.

  5. Under Application Management, click the SSL Certificate.

Step# 2 — Deploying SSL Certificate:

Now, you need to deploy your Custom SSL certificate on the application that you have purchased before. If you haven't purchased an SSL certificate yet. In that case, you need to buy an SSL Certificate from any Certificate Authority (CA) or vendor such as DigiCert, Namecheap, Comodo, etc.

  1. Select Upload Custom SSL and Key file(s) from the dropdown.

  2. Next, click Install SSL.

  3. You will be prompted to enter the CRT content and Key content.

    1. CRT content — Refers to your application SSL certificate file content. Most of the SSL vendors usually provide this in .crt or .cer file format (e.g., domain.crt/domain.cer).

      1. You also need to concatenate your CA Chain, which Refers to the certificate chain (intermediate certificate). It is usually provided in .ca or .ca-bundle file format (e.g., mdomain.ca/domain.ca-bundle). You can use any text editor such as Notepad for Windows and TextEdit for Mac for concatenation.

    2. KEY content — All SSL certificates require a private key to work. The private key is a separate file with an extension .KEY that's used in the encryption/decryption of data sent between your server and the connecting users. A private key is created by the certificate owner when you request your certificate with a Certificate Signing Request (CSR).

Please note that these file formats and standards can vary, considering many SSL certificate providers have many different formats and standards. Still, if you need any help, you can always contact us via chat or create a support ticket.

Finally, click Submit to deploy the certificate.

Tip:

To view and copy your certificate file content (.crt/.cer file), you can use any text editor such as Notepad for Windows and TextEdit for Mac. Please copy and paste the whole certificate, including —–BEGIN CERTIFICATE —– & —– END CERTIFICATE —– lines.

Your SSL certificate will be deployed in a few minutes. Renewals and revocations are handled by your Certificate Authority, but you can remove the certificate anytime from the Cloudways Platform using the Remove SSL option.

You may also be prompted to force HTTPS redirection.

Forcing HTTPS Redirection

It's time to force HTTPS redirection to ensure that your site always runs on a secured protocol. Once prompted, click Enable HTTPS. Please note that you can also force HTTPS redirection later as well.

Note:

If you've already enabled HTTPS redirection through a firewall (e.g., Cloudflare, Sucuri) or an application plugin, you don't need to set it up again on the Cloudways Platform. If you do choose to enable it from Cloudways, make sure to disable any existing redirection rules elsewhere to avoid conflicts or redirect loops.

Here comes the next step of verifying your SSL certificate to ensure that your certificate is configured correctly.

How to Verify Your SSL Certificate

We highly recommend verifying your SSL certificate, and we have created a self-explanatory guide for it. Verification is done to ensure that the SSL certificate is configured correctly.

Configuring SSL with Cloudflare Integration

Integrating Cloudflare with your Cloudways-hosted website requires setting up SSL correctly for smooth and secure operations. Below are some recommendations:

Recommended SSL/TLS Encryption Modes

  • For Cloudflare Enterprise users: Set the SSL/TLS encryption mode to 'Flexible' since SSL is managed through Cloudflare.

  • For non-Enterprise users: Install a Cloudflare Origin Certificate as a custom SSL to ensure security while hiding your server’s IP address.

Best Practices for SSL and Domain Configurations

  1. Add your domain to the domain management section.

  2. Install the Cloudflare Origin certificate as a custom SSL.

  3. Point your domain to the new server. This balance ensures optimal security and functionality, especially for security-conscious users.

Addressing Common Issues with Cloudflare SSL

Problem: SSL integration fails after renewal.

  • Cause: The domain doesn’t point correctly to the server or is proxied.

  • Solution: Use the Cloudflare Enterprise feature to enable auto-renewal and update DNS records accordingly. Problem: SSL mode automatically switches to 'Strict'.

  • Solution: Notify Cloudflare support as this issue requires their investigation. For a seamless SSL integration experience, these steps will help resolve common obstacles when using Cloudflare with Cloudways.

That’s it! We hope this article was helpful.

Need Help?

If you need assistance, feel free to:

We're here 24/7 to help you!

Did this answer your question?