> ## Documentation Index
> Fetch the complete documentation index at: https://help.noxity.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Certificates

> The list of SSL certificates stored on the server. Edit, install, delete. Upload a third-party cert or generate a self-signed one.

The Certificates tab is the catalogue of every SSL certificate stored on the account, including the AutoSSL-issued ones, third-party certs you've uploaded, and any self-signed certs you generated for testing.

Open it from cPanel home → **Security** → **SSL/TLS Certificates** → **Certificates**.

<Frame caption="Certificates tab with the Certificates on Server table">
  <img src="https://mintlify.s3.us-west-1.amazonaws.com/noxity/images/cpanel/security-settings/ssl-tls-certificates/certificates/listing-light.png" alt="Certificates tab listing every cert with Edit, Delete, Install actions" className="block dark:hidden" />

  <img src="https://mintlify.s3.us-west-1.amazonaws.com/noxity/images/cpanel/security-settings/ssl-tls-certificates/certificates/listing-dark.png" alt="Certificates tab listing every cert with Edit, Delete, Install actions" className="hidden dark:block" />
</Frame>

## What's in the list

Each row is one certificate, with these columns:

* **Domains.** The hostnames on the cert. Multi-domain (UCC/SAN) certs list all of them.
* **Issuer.** The Certificate Authority that signed it (Let's Encrypt, Sectigo, CloudFlare, Inc., your account name for self-signed).
* **Expiration (UTC).** The "not after" date on the cert.
* **Key Type.** RSA 2048-bit / 4096-bit / ECDSA P-256 / ECDSA P-384.
* **Description.** Free-form note you can attach to a cert.
* **Actions.** Edit, Delete, Install.

## Per-row actions

| Action      | What it does                                                                                                                                                                |
| ----------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Edit**    | Update the description. The cert body itself isn't editable; if it's wrong, delete and re-upload.                                                                           |
| **Delete**  | Remove the cert from the server. If the cert is currently installed on a domain, the domain falls back to a default cert until you install a replacement.                   |
| **Install** | Open the [Installation tab](/web-hosting/cpanel/security-settings/ssl-tls-certificates/installation) pre-loaded with this cert. The familiar "Install an SSL Website" form. |

## Upload a third-party certificate

If you bought a certificate from DigiCert, Sectigo, GoDaddy, Comodo, or any other paid CA, this is where you paste the issued certificate body so cPanel knows about it.

<Steps>
  <Step title="Click Upload a Certificate">
    Top right of the Certificates tab.

    <Frame>
      <img src="https://mintlify.s3.us-west-1.amazonaws.com/noxity/images/cpanel/security-settings/ssl-tls-certificates/certificates/upload-light.png" alt="Upload a New Certificate form" className="block dark:hidden" />

      <img src="https://mintlify.s3.us-west-1.amazonaws.com/noxity/images/cpanel/security-settings/ssl-tls-certificates/certificates/upload-dark.png" alt="Upload a New Certificate form" className="hidden dark:block" />
    </Frame>
  </Step>

  <Step title="Paste or upload the cert body">
    Either paste the contents of your `.crt` file into the text area, or use the file picker to select the `.crt` directly. Both work.

    Don't paste the full chain (cert + intermediates + root) here. Just the leaf certificate. cPanel sources the intermediates automatically; if it can't, you'll provide them on the [Installation tab](/web-hosting/cpanel/security-settings/ssl-tls-certificates/installation) under **CABUNDLE**.
  </Step>

  <Step title="Add a description (optional)">
    A short note about which CA, which domain, when you bought it. Searchable in the list later.
  </Step>

  <Step title="Click Save Certificate or Upload Certificate">
    The cert lands in the table. It is not yet installed on any domain; click **Install** on the row, or go to the [Installation tab](/web-hosting/cpanel/security-settings/ssl-tls-certificates/installation), to deploy it.
  </Step>
</Steps>

## Generate a self-signed certificate

Useful for testing or for an internal-only service. Browsers won't trust the cert (they'll throw a warning), so don't use this on production sites.

<Steps>
  <Step title="Click Generate a self-signed certificate">
    Top right of the Certificates tab.

    <Frame>
      <img src="https://mintlify.s3.us-west-1.amazonaws.com/noxity/images/cpanel/security-settings/ssl-tls-certificates/certificates/generate-light.png" alt="Generate a New Certificate form" className="block dark:hidden" />

      <img src="https://mintlify.s3.us-west-1.amazonaws.com/noxity/images/cpanel/security-settings/ssl-tls-certificates/certificates/generate-dark.png" alt="Generate a New Certificate form" className="hidden dark:block" />
    </Frame>
  </Step>

  <Step title="Pick or generate a key">
    From the **Key** dropdown, either generate a new RSA 2048-bit key (the default) or pick an existing one from the [Keys tab](/web-hosting/cpanel/security-settings/ssl-tls-certificates/keys).
  </Step>

  <Step title="Fill in the certificate fields">
    * **Domains.** One per line. Wildcards are allowed (`*.example.com`).
    * **City.** Full city name, no abbreviations.
    * **State.** Full state or province name.
    * **Country.** Pick from the dropdown.
    * **Company.** Legally-registered name. For a personal cert, your name is fine.
    * **Company Division.** Optional. Department or sub-team.
    * **Email.** Optional but recommended. Verification address if you ever switch this to a real CSR.
    * **Description.** Free-form note.
  </Step>

  <Step title="Click Generate">
    cPanel creates the self-signed cert and the matching key (if you generated one) and adds them to the lists.
  </Step>
</Steps>

## Common issues

<AccordionGroup>
  <Accordion title="Uploaded a paid cert but it won't install">
    Two things to check: the matching private key is in the [Keys tab](/web-hosting/cpanel/security-settings/ssl-tls-certificates/keys), and the CA bundle (intermediate certificates) is either picked up automatically or pasted manually on the [Installation tab](/web-hosting/cpanel/security-settings/ssl-tls-certificates/installation).
  </Accordion>

  <Accordion title="The cert covers more domains than the install allows">
    cPanel will only install on domains attached to your account. If the cert was issued for `partner-domain.com`, you can store it but you can't install it here unless you add `partner-domain.com` as an addon or alias first.
  </Accordion>

  <Accordion title="I want to delete a cert that's still in use">
    cPanel warns when the cert is installed on at least one domain. Confirm to delete; the domain falls back to the default account cert. Replace it with a working cert via the [Wizard](/web-hosting/cpanel/security-settings/ssl-tls-certificates/wizard) before browsers notice.
  </Accordion>
</AccordionGroup>

## Need a hand?

<CardGroup cols={2}>
  <Card title="Open a ticket" icon="life-ring" href="https://members.noxity.io/submitticket.php">
    Best for anything that needs an account check or a config change on our end.
  </Card>

  <Card title="Live chat" icon="messages" href="https://noxity.io/contact">
    Faster for quick questions during business hours.
  </Card>
</CardGroup>