Learn how SSL works in DirectAdmin, including HTTPS setup, certificates, domain checks, redirects and common SSL problems.
Installing SSL in DirectAdmin is usually straightforward, but it depends on the domain pointing to the right server, the correct domain version being selected and HTTPS being tested after the certificate is issued.
This guide explains the practical DirectAdmin SSL process: what to check before requesting a certificate, how to issue a Let's Encrypt certificate, how to cover both the www and non-www versions, and what to do when HTTPS still shows warnings.
The important point is that SSL is not just a button you press once. The certificate, DNS, redirects, website URLs and page assets all need to agree. If one part is wrong, the certificate may fail to issue, the wrong domain may be covered, or visitors may still see a browser warning.
Point the domain to the hosting account first, issue a Let's Encrypt certificate in DirectAdmin, include the correct domain versions, then test HTTPS before forcing redirects.
Before requesting a certificate, check that the domain is already added to the DirectAdmin account and that DNS points to the correct hosting server. Let's Encrypt validates the domain during the request. If the domain still points somewhere else, DirectAdmin may not be able to prove control of the domain.
You should also decide which domain versions need SSL. A typical website may use both example.co.uk and www.example.co.uk. If visitors, adverts, printed material or old links use both versions, both should be covered by the certificate and redirected consistently.
The root domain and www version should point to the correct server before you request the certificate.
Always check you are inside the right DirectAdmin domain before changing SSL settings.
Choose whether visitors should use www or non-www, then keep redirects consistent after SSL is installed.
In DirectAdmin, open the correct account and choose the domain you want to secure. Then go to Account Manager and open SSL Certificates. The exact wording can vary slightly by theme, but the SSL area is normally inside the domain/account tools.
If the request succeeds, the certificate should be active for the selected names. If it fails, do not keep pressing the issue button repeatedly. Check DNS, domain selection and validation first, because repeated failed requests can make troubleshooting slower.
A common SSL mistake is installing a certificate for only one version of the domain. For example, example.co.uk may work securely, while www.example.co.uk shows a warning. This usually means the certificate does not include the www version or the www record does not point correctly.
If the site uses subdomains, those need their own coverage too. A certificate for the main domain does not automatically secure every subdomain unless a wildcard certificate is being used, and wildcard SSL is not the same as a standard Let's Encrypt request.
| Domain version | When to include it | What to check |
|---|---|---|
| example.co.uk | Almost always, as this is the root domain. | A record points to the correct hosting server. |
| www.example.co.uk | Include it if visitors may use the www version. | WWW CNAME or A record points correctly. |
| shop.example.co.uk | Include it only if that subdomain exists and is served by the account. | Subdomain exists and DNS points correctly. |
| mail.example.co.uk | Only if you specifically need SSL for that hostname. | Mail hostname and certificate use match your mail setup. |
Once HTTPS loads correctly, you can force visitors from HTTP to HTTPS. Many DirectAdmin setups include a force SSL or HTTPS redirect option. This should normally be enabled only after the certificate is valid, otherwise visitors can be redirected straight into a browser warning.
If the site uses WordPress, check the WordPress Address and Site Address settings as well. A WordPress site can still output old HTTP links if its settings, database content, theme options or page builder content were created before SSL was installed.
Mixed content happens when the page itself is HTTPS but some images, scripts, fonts or stylesheets still load over HTTP. The browser may show a warning, block part of the page or keep the padlock from appearing correctly.
The fix is to update the actual resource URLs. Start with the homepage, then test important pages, forms, checkout pages and login pages. Look for images, background images, scripts or embedded resources that still start with http://.
| Problem | Likely cause | What to do |
|---|---|---|
| Certificate request fails | Domain does not point to the DirectAdmin server | Check the A record for the root domain and DNS for www, then retry after propagation. |
| WWW shows a warning | Certificate does not include the www version | Reissue the certificate including both root and www versions. |
| HTTPS works but padlock is missing | Mixed content on the page | Update HTTP images, scripts, fonts and page-builder assets to HTTPS. |
| Redirect loop | Conflicting HTTPS rules or WordPress settings | Check DirectAdmin redirect settings, .htaccess rules, CDN settings and WordPress URLs. |
| Certificate renewed before but now fails | DNS changed or the domain no longer validates | Confirm the domain still points to the account and that validation paths are reachable. |
Let's Encrypt certificates are designed to renew automatically when the domain still validates correctly. Renewal usually fails when something has changed since the certificate was first issued, such as nameservers being moved, the domain being removed, the account being suspended, or DNS pointing away from the hosting server.
If you move a site, change DNS provider or switch the domain to another hosting account, check SSL again afterwards. A certificate that worked yesterday can fail renewal later if the validation path no longer reaches the expected server.
After installing SSL in DirectAdmin, test the certificate from outside the control panel. Check the root domain, the www version and any important subdomains that visitors actually use.
You can use the SSL Checker to confirm the certificate details, then use DNS Lookup or DNS Propagation Checker if the request fails because the domain is not pointing correctly.
For WordPress sites, also test page assets and internal links so the browser does not continue showing mixed content warnings after HTTPS is enabled.
Log in to DirectAdmin, choose the correct domain, open SSL Certificates, select the Let's Encrypt option, include the versions you want covered such as the main domain and www, then save or issue the certificate. After it installs, test the site using https:// and enable an HTTPS redirect if the certificate is working.
The most common reason is that the domain does not point to the hosting account yet. Check the A record for the root domain and the www record, wait for DNS propagation if needed, then try the certificate request again.
Yes, if both versions can be used by visitors. The certificate should cover the main domain and the www version, otherwise one version may show a browser warning even if the other version works.
Usually yes. Let's Encrypt needs to confirm that the domain points to the server handling the request. If the domain still points to old hosting, a parked page, or an incorrect IP address, the SSL request may fail.
After the certificate is installed and tested, use DirectAdmin's force SSL or HTTPS redirect option if available. If the site is WordPress, also check the WordPress Address and Site Address settings so the site itself uses https://.
This is often caused by mixed content, where the page loads images, scripts, stylesheets or fonts over http://. Update internal links, theme settings, page builder content and hard-coded assets so they use https://.
Mixed content means an HTTPS page is loading some resources over insecure HTTP. The certificate may be valid, but browsers can still show warnings or block parts of the page until those HTTP resources are corrected.
Let's Encrypt certificates usually renew automatically when the domain still points to the hosting account and validation can complete. Renewal can fail if DNS is changed, the domain is removed, the account is suspended, or the server cannot complete validation.
Yes, as long as the domain points to the correct hosting account and DirectAdmin can validate it. Installing SSL before uploading the full website is often useful because you can build and test the site on HTTPS from the start.
Test the root domain, the www version, important pages, contact forms, login pages and any checkout or booking pages. Also check that HTTP redirects to HTTPS and that there are no browser warnings for mixed content or certificate mismatch.
Installing SSL in DirectAdmin is mainly about doing the checks in the right order. Point the domain first, issue the certificate for the correct versions, test HTTPS, then force redirects once the certificate is working.
If HTTPS still does not look right after the certificate is installed, the cause is usually DNS, missing www coverage, mixed content or conflicting redirect rules. Work through those checks one at a time instead of changing several settings together.
DirectAdmin Guides
Use these related guides to compare DirectAdmin hosting, pricing, demos, WordPress setup, email tools and cPanel alternatives.
Install for quick access to hosting, tools, billing and support.