SSL Certificates
All verified domains are automatically protected by our Cloudflare integration, which includes free SSL certificates. This means that unless you have a specific reason to add a custom SSL, you won’t have to worry about manually configuring an SSL on Kinsta. All SSL certificates provided by Kinsta have TLS 1.2 and TLS 1.3 enabled, both of which are secure and supported by all major browsers.
However, there may be circumstances where you need or want to add a custom SSL certificate to your application. To install your custom SSL certificate, you must first obtain your custom SSL certificate from your certificate provider or transfer the SSL certificate from a previous server (have access to the certificate and key) and then contact our Support Team, who can manually upload it for you.
Obtain a custom SSL certificate
All verified domains are automatically protected by our Cloudflare integration, which includes free SSL certificates. For users who prefer to go the custom SSL route, our Support Team can manually upload this for you once you have obtained the certificate.
1. Purchase SSL certificate
You can purchase your SSL certificate from any vendor you like, such as Comodo, DigiCert, GeoTrust, Thawte, or Trustwave. Kinsta supports all types of SSL certificates.
2. Server type
When purchasing a new SSL certificate, you are asked to provide the server type. Our web server type is Nginx. If that option is not available, “Apache” or “Other” will also work.
3. Generate CSR and private key
The SSL provider will need a CSR (Certificate Signing Request) to create/sign the certificate file. For generating a CSR and RSA key (together known as a key pair), please complete this form: Online CSR and Key Generator.
We recommend filling out every field, but at a minimum, you should fill in the following, as seen in the example below:
- Common name (domain name)
- Email Address
- Organization
- City / Locality
- State / County / Region
- Country
Note: For the common name field, if you’re generating a wildcard certificate, you’ll need to input your domain name like *.domain.com.

The form will generate the Private Key file and the CSR. Save both of those, as the certificate will be unusable without them.

4. Upload CSR and generate SSL certificate
Upload only your CSR with your SSL provider to generate your SSL certificate (.cert file). Once you receive your SSL certificate from your provider, you can contact our Support Team to upload this for you.
Transfer an SSL certificate from another server
You can transfer an SSL certificate you installed on another server. You’ll need to get a copy of your SSL certificate and the certificate’s private key. This private key is created when you generate your CSR and is installed on the server.
If your site is coming from a host that uses cPanel, these can typically be extracted from cPanel directly or from the file manager. If your previous host doesn’t use cPanel, their support team may be able to assist you with getting a copy of your SSL certificate.
Alternatively, you can regenerate your SSL certificate from where you purchased it, whether it’s with your domain registrar or a third-party SSL reseller. To do that, you will need to obtain a copy of the private key or create a new one by generating a new CSR.
Don’t forget we do have free SSL certificates at Kinsta. So unless you have a specific reason for using your existing one, you can take advantage of our easy one-click solution.
Once you have your SSL certificate and key, you can contact our Support Team to upload this for you.
Contact our Support Team
To add your custom SSL certificate, contact our Support Team, who will upload this for you.