Control Panels

How to Install SSL in DirectAdmin

Learn how SSL works in DirectAdmin, including HTTPS setup, certificates, domain checks, redirects and common SSL problems.

Installing SSL in DirectAdmin is usually straightforward, but it depends on the domain pointing to the right server, the correct domain version being selected and HTTPS being tested after the certificate is issued.

This guide explains the practical DirectAdmin SSL process: what to check before requesting a certificate, how to issue a Let's Encrypt certificate, how to cover both the www and non-www versions, and what to do when HTTPS still shows warnings.

The important point is that SSL is not just a button you press once. The certificate, DNS, redirects, website URLs and page assets all need to agree. If one part is wrong, the certificate may fail to issue, the wrong domain may be covered, or visitors may still see a browser warning.

Quick Summary

Point the domain to the hosting account first, issue a Let's Encrypt certificate in DirectAdmin, include the correct domain versions, then test HTTPS before forcing redirects.

  • Check DNS first
  • Open SSL Certificates
  • Select Let's Encrypt
  • Include www if used
  • Issue the certificate
  • Test HTTPS
  • Fix mixed content
  • Force HTTPS carefully
  • Check renewal conditions

Before you install SSL in DirectAdmin

Before requesting a certificate, check that the domain is already added to the DirectAdmin account and that DNS points to the correct hosting server. Let's Encrypt validates the domain during the request. If the domain still points somewhere else, DirectAdmin may not be able to prove control of the domain.

You should also decide which domain versions need SSL. A typical website may use both example.co.uk and www.example.co.uk. If visitors, adverts, printed material or old links use both versions, both should be covered by the certificate and redirected consistently.

1

Domain points to hosting

The root domain and www version should point to the correct server before you request the certificate.

2

Correct domain selected

Always check you are inside the right DirectAdmin domain before changing SSL settings.

3

WWW decision made

Choose whether visitors should use www or non-www, then keep redirects consistent after SSL is installed.

How to install a Let's Encrypt SSL certificate

In DirectAdmin, open the correct account and choose the domain you want to secure. Then go to Account Manager and open SSL Certificates. The exact wording can vary slightly by theme, but the SSL area is normally inside the domain/account tools.

Typical DirectAdmin SSL steps

  1. Log in to DirectAdmin.
  2. Select the correct domain if the account contains more than one domain.
  3. Open Account Manager and then SSL Certificates.
  4. Choose the Let's Encrypt or free automatic certificate option.
  5. Select the domain names the certificate should cover, such as the root domain and www version.
  6. Save or issue the certificate.
  7. Test the website using https:// before forcing redirects.

If the request succeeds, the certificate should be active for the selected names. If it fails, do not keep pressing the issue button repeatedly. Check DNS, domain selection and validation first, because repeated failed requests can make troubleshooting slower.

Choosing the right domain names for the certificate

A common SSL mistake is installing a certificate for only one version of the domain. For example, example.co.uk may work securely, while www.example.co.uk shows a warning. This usually means the certificate does not include the www version or the www record does not point correctly.

If the site uses subdomains, those need their own coverage too. A certificate for the main domain does not automatically secure every subdomain unless a wildcard certificate is being used, and wildcard SSL is not the same as a standard Let's Encrypt request.

Domain version When to include it What to check
example.co.uk Almost always, as this is the root domain. A record points to the correct hosting server.
www.example.co.uk Include it if visitors may use the www version. WWW CNAME or A record points correctly.
shop.example.co.uk Include it only if that subdomain exists and is served by the account. Subdomain exists and DNS points correctly.
mail.example.co.uk Only if you specifically need SSL for that hostname. Mail hostname and certificate use match your mail setup.

Forcing HTTPS after the certificate works

Once HTTPS loads correctly, you can force visitors from HTTP to HTTPS. Many DirectAdmin setups include a force SSL or HTTPS redirect option. This should normally be enabled only after the certificate is valid, otherwise visitors can be redirected straight into a browser warning.

If the site uses WordPress, check the WordPress Address and Site Address settings as well. A WordPress site can still output old HTTP links if its settings, database content, theme options or page builder content were created before SSL was installed.

Fixing mixed content warnings

Mixed content happens when the page itself is HTTPS but some images, scripts, fonts or stylesheets still load over HTTP. The browser may show a warning, block part of the page or keep the padlock from appearing correctly.

The fix is to update the actual resource URLs. Start with the homepage, then test important pages, forms, checkout pages and login pages. Look for images, background images, scripts or embedded resources that still start with http://.

SSL troubleshooting table

Problem Likely cause What to do
Certificate request fails Domain does not point to the DirectAdmin server Check the A record for the root domain and DNS for www, then retry after propagation.
WWW shows a warning Certificate does not include the www version Reissue the certificate including both root and www versions.
HTTPS works but padlock is missing Mixed content on the page Update HTTP images, scripts, fonts and page-builder assets to HTTPS.
Redirect loop Conflicting HTTPS rules or WordPress settings Check DirectAdmin redirect settings, .htaccess rules, CDN settings and WordPress URLs.
Certificate renewed before but now fails DNS changed or the domain no longer validates Confirm the domain still points to the account and that validation paths are reachable.

SSL renewal in DirectAdmin

Let's Encrypt certificates are designed to renew automatically when the domain still validates correctly. Renewal usually fails when something has changed since the certificate was first issued, such as nameservers being moved, the domain being removed, the account being suspended, or DNS pointing away from the hosting server.

If you move a site, change DNS provider or switch the domain to another hosting account, check SSL again afterwards. A certificate that worked yesterday can fail renewal later if the validation path no longer reaches the expected server.

Common mistakes to avoid

Helpful next step

Check the certificate after installing SSL

After installing SSL in DirectAdmin, test the certificate from outside the control panel. Check the root domain, the www version and any important subdomains that visitors actually use.

You can use the SSL Checker to confirm the certificate details, then use DNS Lookup or DNS Propagation Checker if the request fails because the domain is not pointing correctly.

For WordPress sites, also test page assets and internal links so the browser does not continue showing mixed content warnings after HTTPS is enabled.

Frequently Asked Questions

How do I install SSL in DirectAdmin?

Log in to DirectAdmin, choose the correct domain, open SSL Certificates, select the Let's Encrypt option, include the versions you want covered such as the main domain and www, then save or issue the certificate. After it installs, test the site using https:// and enable an HTTPS redirect if the certificate is working.

Why will Let's Encrypt not issue a certificate in DirectAdmin?

The most common reason is that the domain does not point to the hosting account yet. Check the A record for the root domain and the www record, wait for DNS propagation if needed, then try the certificate request again.

Should I include both www and non-www when installing SSL?

Yes, if both versions can be used by visitors. The certificate should cover the main domain and the www version, otherwise one version may show a browser warning even if the other version works.

Do I need to change DNS before installing SSL?

Usually yes. Let's Encrypt needs to confirm that the domain points to the server handling the request. If the domain still points to old hosting, a parked page, or an incorrect IP address, the SSL request may fail.

How do I force HTTPS in DirectAdmin?

After the certificate is installed and tested, use DirectAdmin's force SSL or HTTPS redirect option if available. If the site is WordPress, also check the WordPress Address and Site Address settings so the site itself uses https://.

Why does my website still say Not Secure after SSL is installed?

This is often caused by mixed content, where the page loads images, scripts, stylesheets or fonts over http://. Update internal links, theme settings, page builder content and hard-coded assets so they use https://.

What is mixed content?

Mixed content means an HTTPS page is loading some resources over insecure HTTP. The certificate may be valid, but browsers can still show warnings or block parts of the page until those HTTP resources are corrected.

Will SSL renew automatically in DirectAdmin?

Let's Encrypt certificates usually renew automatically when the domain still points to the hosting account and validation can complete. Renewal can fail if DNS is changed, the domain is removed, the account is suspended, or the server cannot complete validation.

Can I install SSL before uploading the website?

Yes, as long as the domain points to the correct hosting account and DirectAdmin can validate it. Installing SSL before uploading the full website is often useful because you can build and test the site on HTTPS from the start.

What should I test after installing SSL?

Test the root domain, the www version, important pages, contact forms, login pages and any checkout or booking pages. Also check that HTTP redirects to HTTPS and that there are no browser warnings for mixed content or certificate mismatch.

Final thoughts

Installing SSL in DirectAdmin is mainly about doing the checks in the right order. Point the domain first, issue the certificate for the correct versions, test HTTPS, then force redirects once the certificate is working.

If HTTPS still does not look right after the certificate is installed, the cause is usually DNS, missing www coverage, mixed content or conflicting redirect rules. Work through those checks one at a time instead of changing several settings together.