Installing a Free SSL via the cPanel AutoSSL Feature

AutoSSL is a feature introduced in cPanel 58 which automatically installs domain-validated SSL certificates on cPanel domains. This can be initiated from both cPanel and WHM. 

  • If you are trying to replace a valid SSL certificate from another provider with AutoSSL it will need to be manually deleted first (Or you will need to enable replacing old/bad certificates and wait until less than 3 days before the current certificate expires).
  • You can do this in cPanel by navigating to Manage SSL Sites in the Security section.
  • You can do this in WHM by clicking on Manage SSL Hosts or the SSL Storage Manager, both of which can be found in the SSL/TLS section of the sidebar.
cPanel WHM

Here is how to initiate an AutoSSL check from your cPanel account.

  1. Log into your cPanel account and navigate to SSL/TLS Status in the Security section.
  2. Click the domain(s) you'd like to install a SSL on and click Run AutoSSL.
    Click the Run AutoSSL button After Checking the Box Next to the Domain(s) you Want to Secure
  3. AutoSSL will take a few minutes to finish. When it completes successfully the page will update with a success notification. 

  4. Next cPanel will automatically poll Comodo for a new SSL. This polling process usually takes a few minutes but can last up to a day or more (since there are restrictions on the number of requests that can be made per day). Once it has completed your domain will have a new valid AutoSSL installed. 
    If the Automatic Verification is Successful, the New SSL Certificate will be Installed

    If more than 36 hours have passed and your AutoSSL is not installed please contact our technical support team for further assistance.

    If you'd rather not wait for your SSL certificate, or if you'd like to authenticate using email or some other method, you can purchase an SSL from us through your CORE account.

    1. If AutoSSL encounters any errors, the page will update with a failure notification explaining the current issue. In the example below, the domain "1hdtest.tld" does not resolve to any IP address. So its DNS record will need to be updated in order for AutoSSL to run successfully.
      If There is a Problem, the Error will be Displayed so you can Address It

Here's how to request a free certificate via WHM as the root user.

The AutoSSL interface in WHM is only visible to the root user, not a reseller. 


  1. Login into WHM as root and type in autossl into the sidebar search box. Click on Manage AutoSSL in the SSL/TLS section of the sidebar.
    Click on Manage AutoSSL in the Sidebar
  2. Click on the Providers tab and ensure you have "cPanel (powered by Sectigo)" checked. Click Save to update your settings.
    Make Sure the Provider is Selected and Click Save if Changes are Made
  3. Click on the Manage Users tab. Using the search bar find the cPanel account you want to install AutoSSL on, make sure AutoSSL is enabled (either by default for everyone or for this specific user) and click Check "cPanel Username".

  4. Click on the Logs tab, then click Refresh to make sure the latest logs are available. A new AutoSSL log for the user should appear near the top of the list. Select it and click View Log. If your SSL has validated successfully you will see the system attempt to issue new SSL's for all successful domains under that cPanel account.
    Select a Log from the List and Click View Log to See the Status of the Process

    If your SSL validation fails the Logs tab will output any errors encountered.

    The most common errors are usually DNS related. Your domain must be pointed towards the server in order for AutoSSL to be installed. 

    In some cases the domain may be on a blacklist due to the name of the domain or because the domain is associated with malware or spam.

    Even if you fix the issue, keep in mind that there is a limitation to how often the system will check for updates (even if you try to force a new check), so you may have to be patient.

    Please contact us if you are uncertain how to deal with the issue.

    Alternately, you can purchase an SSL through your CORE account if you'd like to use an alternate authentication method or if you don't want to wait an extended amount of time for the certificate to be issues.

  5. Finally, cPanel will poll Comodo for an SSL. You can view your AutoSSL status in the Pending Queue tab. 

    The polling process usually takes a few minutes but can last up to a few hours. If your AutoSSL request has been in the queue for over 36 hours please contact us for further assistance. 

    The Pending Queue will Show the Status of Any SSL Requests that Have not Been Installed Yet