<li>If you don't have any SSL certificates, you can generate a new signed certificate with one click. The <b>Control Panel</b> uses the <a target="_blank" href="https://letsencrypt.org/">letsencrypt.org</a> service to generate the CA-signed certificates.</li>
<li>If you have an existing private key generated on your server and a public key certificate created on its base (self-signed or issued by a Certification Authority), you can simply upload them in the <b>Control Panel</b>.</li>
</ul>
<div class="block-editor">
<span class="toggler showcont">View the information about self-signed and CA-signed certificates</span>
<span class="toggler hidecont" style="display:none">Hide the information about self-signed and CA-signed certificates</span>
<div class="contents" style="display: none">
<p>A <b>self-signed certificate</b> is signed by the same person who creates it. Such a certificate can be created using the <code>OpenSSL</code> toolkit, for example. Although self-signed certificates ensure a sufficient security level, they may cause some issues. E.g., when you access your portal, a security warning appears in a browser informing you that the certificate cannot be verified. They are also considered more vulnerable to the man-in-the-middle attacks. It's better to use self-signed certificates for testing purposes or on a server that can only be accessed from your local network.</p>
<p>A <b>CA-signed certificate</b> is signed by a trusted third party (Certification Authority, CA). Such certificates can be acquired from any SSL certificate provider you like. In most cases, to do that you need to generate a private key and CSR (Certificate Signing Request) using any preferred tool (<code>OpenSSL</code>, for example), then send the CSR to a Certificate Authority who will verify your identity and issue a signed certificate. In the case of such a certificate usage, the Certificate Authority verifies that the certificate is valid, so no security warnings will be displayed. Besides, a higher security level will be enabled for sensitive data.</p>
</div>
</div>
<p>To access <b>Control Panel</b>, sign in to your portal and click the 'Control Panel' link on the <b>Start Page</b>. Alternatively, you can go to the portal 'Settings' and click the 'Control Panel' link on the left-side panel.</p>
<li>Open the <b>HTTPS</b> page in the <b>COMMON SETTINGS</b> section on the left sidebar.</li>
<li>Click the <b>GENERATE AND APPLY</b> button. A popup message box will appear informing you that the certificate and private key are successfully generated.</li>
<li>After that your <b>Control Panel</b> and portal will be restarted and become unavailable during this process. It can take up to 5 minutes. Once the certificate installation process is over, your portal will be available over HTTPS.</li>
</ol>
<p>To remove the installed certificate, use the <b>DELETE</b> button.</p>
</div>
</div>
<h2 id="step2">Upload an existing certificate and private key</h2>
<div class="block_of_step">
<div class="screen_text">
<p>To use an existing <b>.crt</b> certificate and private <b>.key</b> key:</p>
<li>Click the <b>Plus</b> button next to the <b>HTTPS key</b> field and select your private .key key to upload it.
<div class="notehelp">
Before uploading, please make sure that the private key is not encrypted. If you have a password-protected .key file, you will need to decrypt it first.
</div>
</li>
<li>Once the .crt and .key files are uploaded, click the <b>APPLY</b> button at the bottom of the page.</li>
<li>After that your <b>Control Panel</b> and portal will be restarted and become unavailable during this process. It can take up to 5 minutes. Once the certificate installation process is over, your portal will be available over HTTPS. The domain name that your certificate was issued for is now displayed in the <b>Generated on domain</b> section of the <b>HTTPS</b> page in the <b>Control Panel</b>.