When to Use Custom SSL

You might need a custom SSL certificate instead of free Let's Encrypt for:

  • Extended Validation (EV): Shows company name in browser
  • Wildcard SSL: Secure unlimited subdomains
  • Organization Validation (OV): Verified business identity
  • Longer Validity: Up to 1-2 years
  • Warranty: Financial protection if breached

What You'll Need

From your SSL provider, you'll receive:

  • Certificate (CRT): Your domain's SSL certificate
  • Private Key: Generated when you created the CSR
  • CA Bundle: Intermediate/chain certificates
Important: Keep your private key secure. Never share it or transmit it over insecure channels.

Step 1: Generate CSR (If Not Done)

If you haven't purchased your certificate yet, generate a CSR first:

1

Go to SSL Section

In EGPNL, navigate to SSLGenerate CSR.

2

Fill in Details

Enter your domain name, organization details, and location.

3

Generate and Save

Click Generate. Save both the CSR and Private Key securely.

Step 2: Purchase SSL Certificate

Submit your CSR to an SSL provider like:

  • DigiCert
  • Sectigo (formerly Comodo)
  • GlobalSign
  • GeoTrust

Complete their verification process and download your certificate files.

Step 3: Install Certificate

1

Access SSL Settings

In EGPNL, go to SSLInstall Custom Certificate.

2

Select Domain

Choose the domain you're installing the certificate for.

3

Enter Certificate

Paste your certificate content including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.

4

Enter Private Key

Paste your private key content including the BEGIN and END markers.

5

Enter CA Bundle (Optional)

Paste the intermediate/chain certificates if provided.

6

Install

Click Install Certificate and wait for confirmation.

File Format: Certificates should be in PEM format (text with BEGIN/END markers). If you have .pfx or .p12 files, convert them first.

Verify Installation

  1. Visit your website using https://
  2. Click the padlock icon in the browser
  3. View certificate details to confirm it's your new certificate
  4. Check validity dates and issuer

SSL Checker Tools

Use these tools to verify your installation:

Common Issues

Certificate Chain Incomplete

Make sure to include the CA bundle/intermediate certificates.

Private Key Mismatch

The private key must match the one used to generate the CSR.

Certificate Expired

Ensure you're using a current, valid certificate.

Related Articles

Free SSL Setup SSL Renewal Guide Fixing SSL Errors Nginx Configuration