Step by step guide to installing a SSL origin certificate on Godaddy using cPanel
The aim of this post is to quickly go through the setup process to get you started as fast as possible rather than an in-depth article. Let’s set up a free full(strict) SSL certificate provided by Cloudflare on a shared hosting plan from Godaddy.
This guide lists each step to follow in order to encrypt the connection between your website visitors and CloudFlare AND from CloudFlare to your server using the free Cloudflare plan. We will explain why your site should be using an SSL certificate and how to set it up on both Cloudflare and Godaddy.
Why should you use SSL?
Cloudflare briefly and simply explains this: “Use SSL in order to encrypt data, like credit card numbers, and other sensitive information while in transit to and from your website. SSL encryption ensures that communication between your visitor and website is confidential.
Additional benefits of SSL:
- Visitors have a way to verify that they are on your website and not that of an impostor
- Visitors can verify that your website’s content has not been modified in transit
- Your website’s search engine ranking may be improved”
Setting up Cloudflare origin CA certificate
You should already have setup Cloudflare but if this is not the case, you can signup and follow the provided instructions.
- Go to the “crypto” page
- Click on “create certificate” button located in the “origin certificate” box
- Select “Let Cloudflare generate a private key and a CSR”
- Enter your domain(s) and click NEXT. Note that you can add any other domains e.g. abc.com, def.com, etc
- On the next screen, keep the default PEM key format
- Copy both your origin certificate and private key
- Click OK
For more details regarding the creation of the certificate, you can follow this guide by CloudFlare.
You should now be all set but do not yet turn the SSL to full (strict) mode as we need to install the certificate on Godaddy first.
Installing SSL on Godaddy using the cPanel
This is very easy as there is an SSL section in the cPanel which allows the creation or upload of the certificate and private key. It’s also where we will be installing the certificate.
- In the cPanel, click on SSL/TLS
- Go to the “Private Key (KEY)” page and UPLOAD the key you generated earlier
- Follow the same step for the “certificate (CRT)”
- Click on “manage SSL sites”
- Keep all options as they are and select your domain
- A new “autofill by domain” button should appear. Click on it
- Your key and certificate should now be visible, only the last input should be empty (CABUNDLE). If you try to install the origin CA at this point, you may get an error similar to this: “cloudflare ca bundle certificate authority bundle cloudflare the system did not find the certificate authority bundle that matches this certificate“
- If you get an error, enter the Cloudflare origin CA RS root provided below (source)
- Click the “Install certificate” button
CloudFlare Origin CA — RSA Root
-----BEGIN CERTIFICATE----- MIID/DCCAuagAwIBAgIID+rOSdTGfGcwCwYJKoZIhvcNAQELMIGLMQswCQYDVQQG EwJVUzEZMBcGA1UEChMQQ2xvdWRGbGFyZSwgSW5jLjE0MDIGA1UECxMrQ2xvdWRG bGFyZSBPcmlnaW4gU1NMIENlcnRpZmljYXRlIEF1dGhvcml0eTEWMBQGA1UEBxMN U2FuIEZyYW5jaXNjbzETMBEGA1UECBMKQ2FsaWZvcm5pYTAeFw0xNDExMTMyMDM4 NTBaFw0xOTExMTQwMTQzNTBaMIGLMQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xv dWRGbGFyZSwgSW5jLjE0MDIGA1UECxMrQ2xvdWRGbGFyZSBPcmlnaW4gU1NMIENl cnRpZmljYXRlIEF1dGhvcml0eTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzETMBEG A1UECBMKQ2FsaWZvcm5pYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AMBIlWf1KEKR5hbB75OYrAcUXobpD/AxvSYRXr91mbRu+lqE7YbyyRUShQh15lem ef+umeEtPZoLFLhcLyczJxOhI+siLGDQm/a/UDkWvAXYa5DZ+pHU5ct5nZ8pGzqJ p8G1Hy5RMVYDXZT9F6EaHjMG0OOffH6Ih25TtgfyyrjXycwDH0u6GXt+G/rywcqz /9W4Aki3XNQMUHNQAtBLEEIYHMkyTYJxuL2tXO6ID5cCsoWw8meHufTeZW2DyUpl yP3AHt4149RQSyWZMJ6AyntL9d8Xhfpxd9rJkh9Kge2iV9rQTFuE1rRT5s7OSJcK xUsklgHcGHYMcNfNMilNHb8CAwEAAaNmMGQwDgYDVR0PAQH/BAQDAgAGMBIGA1Ud EwEB/wQIMAYBAf8CAQIwHQYDVR0OBBYEFCToU1ddfDRAh6nrlNu64RZ4/CmkMB8G A1UdIwQYMBaAFCToU1ddfDRAh6nrlNu64RZ4/CmkMAsGCSqGSIb3DQEBCwOCAQEA cQDBVAoRrhhsGegsSFsv1w8v27zzHKaJNv6ffLGIRvXK8VKKK0gKXh2zQtN9SnaD gYNe7Pr4C3I8ooYKRJJWLsmEHdGdnYYmj0OJfGrfQf6MLIc/11bQhLepZTxdhFYh QGgDl6gRmb8aDwk7Q92BPvek5nMzaWlP82ixavvYI+okoSY8pwdcVKobx6rWzMWz ZEC9M6H3F0dDYE23XcCFIdgNSAmmGyXPBstOe0aAJXwJTxOEPn36VWr0PKIQJy5Y 4o1wpMpqCOIwWc8J9REV/REzN6Z1LXImdUgXIXOwrz56gKUJzPejtBQyIGj0mveX Fu6q54beR89jDc+oABmOgg== -----END CERTIFICATE-----
The very last step! Turn your SSL ON on Cloudflare
You should now be ready to use the full(strict) SSL on your website. Go back to the CRYPTO page on Cloudflare and select “full (strict)”.
Make sure that your website works by loading it using https.
Edit:As mentioned in the comment section, you should make sure that your website uses ‘https://’ URLs so you may want to add redirects rules and check that all content is loaded from secure URLs.
Feel free to let me know if you have any questions or would like to add anything to this post. I hope it was as quickly and easy to follow as possible. Cheers!