Upload a custom SSL certificate for increased flexibility in hosting your site.
For increased flexibility and control over the details in your SSL certificates, you can upload your own custom SSL certificates to your site.
Note
Custom SSL certificate uploads are only available for Enterprise
customers.
Contact our sales team
for more information.
How to obtain a custom SSL certificate
You’ll need to obtain your custom SSL certificates from a third-party service, since Webflow does not issue custom SSL certificates.
When obtaining your custom SSL certificate from a third-party service, you’ll typically follow these steps:
-
Generate a Certificate Signing Request (CSR) and private key. This can be done through online CSR generators or in a local development environment with various tools, such as OpenSSL. Keep a secure copy of your private key — you’ll need it for Webflow installation later.
-
Choose a Certificate Authority (CA) (i.e., a trusted entity that issues SSL certificates). There are many CAs available, both commercial and free.
-
Provide your CSR to the CA. When you purchase or request a certificate from a CA, they’ll typically ask for your CSR. You’ll need to copy and paste the contents of the CSR file, or upload the file itself to their website.
-
Complete any domain ownership steps and additional verification steps. Depending on the CA and certificate, you may need to verify that you own the domain for which you’re requesting the certificate. This can be done through various methods, such as email verification or DNS record creation. You may need to provide additional documentation or undergo more rigorous validation processes, especially for extensive certificate types.
-
Receive and download the SSL certificate. Once your request is approved, the CA will issue your custom SSL certificate. They’ll provide you with the certificate files. Download these and install them in Webflow according to the instructions below.
How to add a custom SSL certificate
First, open Site settings:
- Go to your Dashboard
- Locate the site to which you want to add the custom SSL certificate
- Click the “more options” dots to open the site options menu
- Click Settings
- Check the name and subdomain of the site in the General tab to make sure you’re in the correct site’s settings
Next, add your custom SSL certificate to your site:
- Go to Site settings > Publishing > Custom SSL certificates
- Click Add certificate
- Add your site’s domain name to the Domain field (e.g., yourdomain.com)
- Copy and paste your full certificate chain (RSA PEM format) into the SSL certificate chain field (e.g., place your domain or leaf certificate first, and include any intermediate or root certificates after your domain or leaf certificate). If you have multiple files, first paste your domain or leaf certificate (e.g., certificate.crt), then include any intermediate or root certificates (e.g., ca_bundle.crt) after your domain or leaf certificate in the same field. Separate each file by a line break.
- Copy and paste your private key into the Private key field (it must be an unencrypted PKCS#8 private key with the header BEGIN PRIVATE KEY)
- Click Add custom SSL certificate to add the custom certificate to your site
Note
A single certificate may have multiple domains on it. If you need to
apply multiple domains to your certificate, you will need to upload the
certificate multiple times — once for each domain (including subdomains). For example, you may
have one certificate and need to apply it to example.com
and www.example.com
. In this case, you’ll need to add the
certificate 2 times — once for example.com
and once again
for www.example.com
.
How to update a custom SSL certificate
If you choose to add a custom SSL certificate to your site, you are required to manually update your certificate before it expires.
To update your custom SSL certificate, first open Site settings:
- Go to your Dashboard
- Locate the site to which you want to add the custom SSL certificate
- Click the “more options” dots to open the site options menu
- Click Settings
- Check the name and subdomain of the site in the General tab to make sure you’re in the correct site’s settings
To delete your original custom SSL certificate and replace it with your updated version:
- Go to Site settings > Publishing > Custom SSL certificates
- Click Delete next to the certificate that you want to delete
-
Add your updated custom SSL certificate to your site