Install a third-party SSL certificate

If you find yourself in a situation that requires changes to your site, and your developer isn't available to help, DreamHost's skilled support team may be able to assist you for a small fee. You can find more information about supported services and associated costs in the DreamHost Professional Services article.

Creating a CSR at DreamHost

If you would like to purchase an SSL certificate from another company, make sure to first create a CSR at DreamHost before requesting it from your chosen Certificate Authority. That company will then be able to use this CSR to generate your SSL certificate.

What if I already have my certificate information?

If you already have a private key, intermediate certificate, and signed SSL certificate, you will still need to have a CSR created at DreamHost before installing. You can then give this CSR to your Certificate Authority who will re-issue the certificate to you. You can then use these new files to install them into your DreamHost panel.

Make sure you have the private key

If you already have a signed SSL certificate but do NOT have the corresponding private key, you won't be able to install it on DreamHost's servers. Also, do NOT create a private key that is password-protected, as the DreamHost panel does not accept these.

Some Certificate Authorities put all the SSL certificate files into a .zip file for you. To view the files, make sure to first decompress the zip file.

On a Mac, double click the file.

In Windows, right-click and select 'Extract All'.

Installing the certificate

The following commands must be run on the server where your website is hosted.

  1. Navigate to the Secure Certificates page.
    A list of your domains display.
  2. Click the Add button to the right of your domain.
  3. Click the tab titled Import a Certificate at the top.
  4. Click the Select This Option button.
  5. Enter your third-party certificate information into the following fields:
    • Certificate Signing Request
    • Certificate
    • Private Key
    • Intermediate Certificate
  6. Click the Proceed with Certificate Configuration button.
    The new certificate is pushed out to the live servers within 15 minutes.
  7. Return to the Secure Certificates page.
    The certificate now shows as Imported.
  8. Load your site in a browser using https.
    • You can see the padlock icon at the beginning of the URL; if you click on the icon, you’ll see that the certificate is verified and active.

If you see the error message "key does not match cert", that means that the SSL certificate you're trying to install does not match the private key that is currently installed. This typically means that the Certificate Signing Request that was used to purchase the SSL certificate was not generated with the private key that is in the panel.

See also

Did this article answer your questions?

Article last updated PST.

Still not finding what you're looking for?