Install server certificates for WHM services - mail, ftp and web interface

Even though this is simple task I decide to describe it. WHM / cPanel system is really complex and overlooking some settings can easily happen. That's what happened also to me. I think there are 2 reasons:
1. This task is not on daily basis - certificates are generated for longer periods - year or more years
2. Settings for SSL in WHM is not on one place and that is bit confusing.

To secure communication on WHM's important services:

- Web interface (WHM, cPanel, Webmail on SSL ports 2083, 2087, 2096)
- SMTP (Exim on port 25 - event. aditionally another)
- Mail (IMAP, POP3 -Dovecot on ports 993 and 995)
- SFTP (Pure-FTPD on port 20, 21,  event. aditionally another)

it is required to get some certificate from CA (certificate authority). There are lot of CA - you can Google it and compare their prices. Proper type of certificate is Class 2 - organizations, for which proof of identity is required. But if you are individualist or small project you can save some money here. Class 1 certificate is sufficient which is intended for securing web-mail and simillar applications like cPanel / WHM is. Some CA providing Class 1 certificates for free of charge like StarCom CA.

Specific steps:

1. Generate an SSL Certificate and Signing Request:
Go to WHM > SSL / TLS > Generate an SSL Certificate and Signing Request.
Fill all fields with your data. I recommend also filling last field to get certificate to email to have backup.

2. Sign your certificate by CA - cpecifics steps depends on CA.

3. As soon as CA sign the certificate you can install it to all services mentioned above under this navigation:
WHM > Service Configuration > Manage Service SSL Certificates

Note:

In order to configure secure communication without warnings it is also required to use proper hostname on client side for which was certificate issued. Otherwise user will see security warning - domain mismatch. Connection itself remains encrypted.