Upload a Custom Certificate for Your Website on Incapsula

Upload your own SSL certificate to Incapsula so it can be presented to your web site visitors. PFX, PEM, and CER file formats are supported.

This certificate is presented to SNI-supporting clients only. Adding your domain to an Incapsula SAN certificate is required to handle non-SNI supporting clients, even if you are uploading your existing certificate. A list of SNI-supporting clients can be found here: https://en.wikipedia.org/wiki/Server_Name_Indication.

The certificate must contain the full chain – root CA , intermediate CA, and the origin server certificates. For details on extracting the full chain certificate, see https://incapsula.zendesk.com/hc/en-us/articles/115004146313.

The following options are available:

Option Description
Use an existing certificate

Upload the current certificate installed on your origin server to Incapsula.

Upload a new certificate Upload a certificate to Incapsula that is different from the current certificate installed on your origin server.
Upload a new certificate without a private key Upload a certificate to Incapsula that is different from the current certificate installed on your origin server and does not contain a private key.

Upload a custom certificate to Incapsula

  1. In the Incapsula Management Console, on the sidebar, select Websites > <your site> > Settings > General.
  2. Under SSL Support > Custom certificate, click Configure.

  3. On the Configure Custom Certificate page, select one of the following options:

Read More