Order an SSL Certificate Through Winhost

Winhost > SSL

Overview

Winhost makes ordering an SSL certificate simple. When you order through the Winhost Control Panel, everything is handled automatically. Just follow the steps below, and your certificate will typically be issued and installed within 10 minutes.

Good to know: you have two options for getting SSL on your site — (I) order a certificate from Winhost, or (II) upload a PFX file of an SSL certificate that you obtained elsewhere. You no longer need to generate a CSR yourself; Winhost handles that behind the scenes.

Before You Begin

You will need a Max plan or higher to use SSL. If you are on a Basic plan, upgrade first:

  1. Log in to the Winhost Control Panel.
  2. Go to Sites > [your domain] > Change Plan.
  3. Select Max or a higher plan and complete the upgrade.

Your Two Options

Inside the SSL Manager you will see two choices. Pick whichever fits your situation:

Option I — Order SSL from Winhost
Let Winhost buy and install the certificate for you. Best for most customers — takes about 10 minutes end-to-end.
Option II — Upload a PFX
Already bought a certificate elsewhere? Upload your .pfx file and we install it on your site.

Option I — Order an SSL Certificate Through Winhost

In the Control Panel, go to Sites > [your domain] > SSL Manager.

  1. Click Order a New SSL Certificate.
  2. Select the type of SSL certificate you want (for example, RapidSSL for a standard single-domain, or Wildcard if you need to cover subdomains).
  3. Enter the common name (your domain name or sub-domain name, for wildcard SSL Certificates, you must enter *.[domain name] without the []), organization name, organization unit, city/locality, state/province, and country.
  1. Review your admin contact information and confirm your Admin Email address. This is where your SSL certificate details and renewal reminders will be sent — make sure it is correct.
  2. Click on Continue >>> to review your information and then Order SSL Certificate to submit your order.
That’s it on your end. Winhost handles the CSR, sends the order to DigiCert, and installs the certificate automatically once DigiCert verifies your domain.

BEHIND THE SCENE

Domain Validation

Before your SSL certificate can be issued, DigiCert (our certificate authority partner) needs to confirm that you own or control the domain. There are three ways this can happen — in most cases, it is fully automatic.


Option 1 — HTTP Validation (most common, fully automatic)

If your domain is already pointing to Winhost, HTTP validation is used by default. Here is what happens:

  • Winhost automatically places a small hidden verification file on your site.
  • DigiCert checks for that file to confirm you control the domain.
  • Your certificate is usually issued within 2minutes.
  • Once issued, the certificate is installed on your site automatically.
Note: no action is needed from you for HTTP validation. The process is entirely automatic as long as your domain points to Winhost.
Option 2 — DNS Validation (automated for Wildcard certificates or domains not yet pointing to Winhost)

If you are ordering a Wildcard SSL certificate (e.g., *.yourdomain.com), or if your domain is not yet pointing to Winhost, DNS validation is used instead. If your domain’s DNS is managed through Winhost, this is also fully automatic:

  • Winhost automatically adds the required DNS validation record for you.
  • DigiCert detects the record and verifies your domain.
  • Your certificate is issued and installed automatically, typically within 10 minutes.
Option 3 — DNS Validation, Manual (DNS hosted elsewhere) *

If your domain’s DNS is managed at a third-party provider (such as GoDaddy, Cloudflare, or another domain registrar), you will need to add a DNS record yourself:

  1. After placing your order, the Control Panel will display a DNS TXT record value.
  2. Log in to your DNS provider and add the TXT record shown in the control panel.
  3. Once the record is added, DigiCert will automatically detect it (this may take several minutes to a few hours depending on your DNS provider).  Click on the Validate Now button to complete to process.
  4. Your certificate will be issued and installed automatically once validation is complete.
Note: DNS changes can take time to propagate. If your certificate has not been issued after a few hours, contact Winhost Support for assistance.

Organization Validated (OV) and Extended Validation (EV) Certificates

If you are ordering an OV or EV SSL certificate (such as TrueBiz or an EV certificate), there are additional manual verification steps required by DigiCert on top of the domain validation above:

  • DigiCert will reach out to verify your organization’s details (name, address, phone number, etc.).
  • For EV certificates, DigiCert may call you directly to confirm your identity. The certificate will not be issued until you respond.
  • This process is separate from domain validation and cannot be skipped.
Heads-up: OV and EV certificates take longer to issue because of the additional manual review. Plan for at least 1 to 3 business days.

Option II — Upload Your Own PFX Certificate

If you already purchased an SSL certificate from another provider (or have one exported from another server), you can install it on your Winhost site by uploading a PFX file. No domain validation is needed on our side — the PFX is already a valid, signed certificate.

  1. In the Control Panel, go to Sites > [your domain] > SSL Manager.
  2. Click Upload SSL PFX File.
  3. Choose your .pfx file from your computer.
  4. Enter the PFX password (the password you set when the file was exported).
  5. Click Upload.
Done in seconds. Your certificate is installed on the site immediately and a confirmation email is sent.
Don’t have a PFX yet? If your certificate provider gave you a .cer or .crt file plus a private key, you will need to combine them into a single .pfx file before uploading. Contact Winhost Support if you need a hand.

After Your Certificate Is Issued

Once your certificate is issued, Winhost receives a notification from DigiCert (or completes the PFX upload) and automatically installs the certificate on your site, you will receive a confirmation email when everything is in place.

Final step — Turn on the HTTPS redirect

To avoid a “Not Secure” warning in browsers, enable a forced HTTPS redirect after installation. See the Force HTTPS with URL Rewrite knowledge base article for instructions.

Note: if domain validation is not completed within 30 days, the validation token will expire and a new certificate order will need to be placed. Contact Winhost Support if you need help.

Renewing Your Certificate

SSL certificates must be renewed annually. You will receive a renewal reminder by email 30 days before your certificate expires. To renew, follow the same steps as ordering a new certificate through SSL Manager — the process is identical.

Note: the Renew button becomes available 30 days before expiration. If you receive a reminder but cannot see the button yet, wait a day or two and try again.

* Reissue / self-managed DNS note: if you handle DNS validation yourself (Option 3 above), or if you reissue the certificate later, you will need to redo the DNS TXT record verification step each time.

Article ID: 1775, , Modified: 5/6/2026 at 9:23 AM

Was this article helpful?

Share this article
Bluesky
Facebook
Threads
X / Twitter
Other Social Networks
Print