 (1).svg)
 (1).png)
 (1).svg)
.svg)
Overview
This interface provides a comprehensive overview of your domains' Secure Sockets Layer (SSL) certificates, allowing you to easily monitor and manage their security status. You can also delve into the specific details of each domain's certificate.
Important Considerations:
- cPanel & WHM fully supports Transport Layer Security (TLS) protocol version 1.2 and Transport Layer Security (TLS) protocol version 1.3.
- The system exclusively supports TLSv1.2 or later, with TLSv1.2 enabled by default.
- Not all client environments may support TLSv1.3, as it necessitates OpenSSL 1.1.1 or a more recent version.
- If you utilize AutoSSL or SSL certificates purchased through your cPanel account to secure a linked mail node, it is critical that your cPanel & WHM nodes possess the capability to manage the authoritative DNS server.
For more detailed information regarding how SSL/TLS protocols authenticate server identities and safeguard your websites, please refer to our comprehensive Guide to SSL.
CAA Records in Zone Files
Certificate Authority Authorization (CAA) records, located within a domain’s zone file, are used to restrict which Certificate Authorities (CAs) are permitted to issue certificates for that specific domain.
- If a domain has no existing CAA records, any CA is authorized to issue certificates for it.
- Should conflicting CAA records be present, it is necessary to either remove the problematic records or add a new one for your preferred CA.
You can effectively manage your CAA records through the Zone Editor interface (accessible via cPanel » Home » Domains » Zone Editor). For specific CA requirements, always consult their official documentation.
The banner positioned at the top of the interface offers the following convenient actions:
| Action | Description |
|---|---|
| Purchase Certificates | Selecting this option will redirect you to the SSL/TLS Wizard interface (cPanel » Home » Security » SSL/TLS Wizard), where you can procure new certificates. |
| Show Unsecured Domains | This filter will refine the list of domains in the Domains table, displaying only those domains that currently lack proper SSL security. Recommendation: We unequivocally advise that all domains accessible to your visitors are secured with an SSL certificate to ensure data integrity and user trust. |
Search and Filter Functionality
The Search text box empowers you to efficiently filter the Domains table by entering all or part of a domain name. As you type, the table will dynamically update to reflect your search criteria.
- Enter a complete or partial domain name to refine the displayed results.
- Clicking the filter icon (
) will reveal all available filtering options, allowing for more granular control over your view.
You can select from the following comprehensive filters:
Domain Types
| Domain Type | Description | Examples |
|---|---|---|
| All | Displays all domains registered on the account, regardless of their specific type. This is the default search filter setting. | |
| Main | Shows only the primary domains associated with your account. |
|
| Subdomain | Filters the list to display subdomains. |
|
| Addon Domains | Presents only addon domains configured on your account. |
|
| Parked Domains | Displays domains that are parked on your account. |
|
| www and mail domain | Filters to show both www and mail subdomains specifically. |
|
| Service subdomains | Highlights service subdomains that facilitate various cPanel & WHM functionalities. |
|
| DDNS Domains | Lists dynamic DNS domains configured for dynamic IP addressing. |
|
SSL Certificate Types
| SSL Types | Description |
|---|---|
| All | Displays all domains, irrespective of their assigned certificate type. This is the default filter selection. |
| Unsecured | Filters the list to show domains that currently do not have any SSL certificate installed. |
| Self-Signed | Presents domains that have been secured using a self-signed certificate. It is important to note that self-signed certificates are not validated by any Certificate Authority (CA). |
| AutoSSL DV Certificate | Displays domains that have been secured with a AutoSSL-issued Domain-Validated (DV) certificate. |
| DV Certificate | Filters to show domains secured with a standard DV certificate. |
| OV Certificate | Lists domains that are protected by an Organizational Validation (OV) certificate, which includes basic organizational authentication. |
| EV Certificate | Displays domains secured with an Extended Validation (EV) certificate, offering the highest level of trust and validation. |
SSL Certificate Statuses
| SSL Statuses | Description |
|---|---|
| All | Shows all domains without regard to their certificate status. This is the default filter setting. |
| Active | Displays domains that are currently secured by valid and active certificates. |
| Expired | Filters the list to present domains with certificates that have passed their expiration date. |
| Expiring Soon | Highlights domains whose certificates are nearing their expiration and will require renewal shortly. |
| Unsecured | Presents domains that currently do not possess an SSL certificate. |
| Has AutoSSL Problems | Filters to show domains experiencing issues with AutoSSL. An example includes domains that do not correctly resolve to an IPv4 address on the internet. |
AutoSSL Statuses
| AutoSSL Statuses | Description |
|---|---|
| All | Displays all domains regardless of their AutoSSL status. This is the default filter. |
| Included | Filters to show domains that are automatically included when AutoSSL runs its certificate issuance and renewal processes. |
| Excluded | Presents domains that are explicitly excluded from AutoSSL's operations. |
The Domains Table
The Domains table provides a comprehensive listing of all your domains and their associated SSL certificates. This central hub allows you to conveniently view the detailed status of each domain's certificate or initiate an upgrade process when needed. The table systematically displays the following critical information:
Domain Information
This column presents either a complete or a filtered list of all domains residing on your cPanel account. Alongside each domain name, an intuitive icon is displayed to visually represent the type of certificate securing it:
| Icon | Certificate type |
|---|---|
 |
Unsecured |
 |
Self-Signed |
 |
AutoSSL DV certificate |
 |
DV certificate |
 |
OV certificate |
 |
EV certificate |
Certificate Status Details
This column offers in-depth information regarding a domain’s certificate status. Should an error related to AutoSSL exist for the domain within the /var/cpanel/logs/autossl/ directory, this column will clearly display that error. Additionally, it indicates the last time AutoSSL was executed for the specific domain. You can also interact with the following essential settings:
| Setting | Description |
|---|---|
| View Certificate | Allows you to inspect the domain’s current certificate details. Selecting this option will direct you to the Install and Manage SSL for your site (HTTPS) section within the SSL/TLS interface (cPanel » Home » Security » SSL/TLS). Note: This setting is exclusively available for domains that already possess an installed certificate. |
| Upgrade Certificate or Purchase Certificate | Provides the option to either upgrade an existing certificate or purchase a new one for the domain. This action will navigate you to the SSL/TLS Wizard interface (cPanel » Home » Security » SSL/TLS Wizard). Within this interface, the domain and all available certificate types for it will be clearly presented. Note: These settings are only enabled for domains where such actions are applicable. |
