We use AutoSSL in our WHM/CPanel. It automatically creates (and renews when necessary) SSL certificates for our websites via Let's encrypt (free, short-lived certificates). Custom certificates can easily be applied, but they have to be purchased first.
WHM > Manage AutoSSL > Manage Users
Go to WHM > Manage AutoSSL > Manage Users and check that AutoSSL is enabled for the CPanel User at hand. It should be enabled by default.
When AutoSSL is enabled for a CPanel user then all the domains that point to that server will automatically get an SSL certifcate.
You can use the "Check [username]" option there to re-run the checks for the domains of that user and issue or renew any certificates pending for their domain.
AutoSSL runs every night for all CPanel users and renews expiring certificates automatically. It does not renew custom/paid certificates that have been manually installed! This is the default setting for all accounts in our CPanel servers.
You can also run the "Run AutoSSL For All Users" button which will run immediately the checks that run each night for AutoSSL certificate issue and renewal for all users.
If a certificate has been installed and doesn't work for some reason and one needs to issue it from scratch then they might need to go to WHM > Manage SSL Hosts, delete the host with the problem from there and then go back to WHM > Manage AutoSSL and run "Check [username]" for that user manually. Otherwise the checks will run automatically that night anyway.
CPanel > SSL/TLS status
One can also manage AutoSSL from within CPanel under SSL/TLS status but for that user only.
There one may Exclude a domain from AutoSSL if they want to handle the certificate manually or if they do not need any certificate for that domain at all.
One can also hti the "Run AutoSSL" button which will run the nightly checks but for the current CPanel user only.
