Overview
This article explains how to prepare and install a third-party certificate in the panel.
Before you begin
There are a few things you must complete before installing a third-party SSL certificate.
Create a CSR at DreamHost
If you would like to purchase an SSL certificate from another company, you must create a Certificate Signing Request (CSR) at DreamHost before requesting it from your chosen Certificate Authority. That company will then be able to use this CSR to generate your SSL certificate.
What if I already have my certificate information?
If you already have a private key, intermediate certificate, and signed SSL certificate, you still need to create a CSR at DreamHost before installing it. You can then give this CSR to your Certificate Authority, who will re-issue the certificate to you. You can then use these new files to install them into your DreamHost panel.
Make sure you have the private key
If you already have a signed SSL certificate but do not have the corresponding private key, you won't be able to install it on DreamHost's servers. Also, do not create a private key that is password-protected, as the DreamHost panel does not accept these.
Some Certificate Authorities zip all of the SSL certificate files for you. To view the files, make sure you first decompress the zip file:
- On a Mac, double-click the file.
- In Windows, right-click and select Extract All.
Installing a certificate
After you create a CSR and gather all of the third-party certificate details, you can install it in the DreamHost panel using the following steps.
- Navigate to the Secure Certificates page.
- Click the Add button to the right of your domain.
- Click the tab titled Import a Certificate at the top.
- Click the Select This Option button.
- Enter your third-party certificate information into the following fields:
- Certificate Signing Request (CSR)
- Certificate
- Private Key
- Intermediate Certificate
- Click the Proceed with Certificate Configuration button. The new certificate is pushed out to the live servers within 15 minutes.
- Return to the Secure Certificates page. The certificate now displays as Imported.
- Load your site in a browser using https.
- A lock icon appears at the beginning of the URL. When you click on the icon, a popup indicates that the certificate is verified and active.
If you see a key does not match cert error message, it means that the SSL certificate you're trying to install does not match the private key that is currently installed. This usually happens because the CSR used to purchase the SSL certificate was not generated with the private key in the panel.