This guide explains how to check the SSL/TLS certificate status for all domains on your cPanel account, including certificate type, issuer, and expiry information.
Steps to Check SSL/TLS Certificate Status
- Log in to your cPanel account.
- Navigate to the Security section and click on SSL/TLS Status.
- The SSL/TLS Status page displays a list of all domains on your account with the following information:
- Certificate Status: Shows whether a certificate is active, expired, or not installed.
- Issuer: Displays the certificate authority (e.g., Let's Encrypt, cPanel, DigiCert).
- Expiration Date: Shows when the certificate expires.
- Domain: Lists primary domains, addon domains, and subdomains.
- Click View Certificate next to any domain to see full certificate details including the validity period, SANs (Subject Alternative Names), and fingerprint.
Understanding Certificate Statuses
- Active: A valid SSL certificate is installed and functioning.
- Expired: The certificate has passed its expiry date and should be renewed or replaced.
- Excluded: The domain is excluded from AutoSSL and no certificate is managed automatically.
- Not Installed: No SSL certificate exists for this domain.
Important Notes
- AutoSSL-managed certificates are renewed automatically before expiry. If you see an upcoming expiry, ensure the domain remains included in AutoSSL.
- For externally-issued certificates (e.g., purchased from a CA), you must renew and reinstall them manually before the expiry date.
- Browsers show warnings for certificates expiring within 30 days. Monitor your certificates regularly.
Troubleshooting
- SSL/TLS Status page is empty: Ensure your account has domains added and that SSL features are enabled by your hosting provider.
- Certificate shows as active but site shows insecure: Check for mixed content (HTTP resources on an HTTPS page) or verify the certificate covers the exact domain being accessed.
