Can we add SSL certificate to an add-on domain?

[mambovince]

Hi,
Can we add SSL certificate to an add-on domain, and does it affect the main account domain or other addon domains?

Would the dedicated IP be for whole cPanel account, or just for the addon domain?

Many thanks,

- Vince

[thewebhosting]

You cannot add SSL certificate to add on domain as SSL certificate requires dedicated IP address. If you would like to install SSL certificate to your add on domain then you would need to host your add on domain as separate main domain.

[mambovince]

Hi,
Thanks for the reply.
Although I just found anothet thread that suggests this may be possible?
http://forums.cpanel.net/f4/cpanel-a...ips-86605.html

thanks,

- Vince

[mambovince]

Could someone from cPanel support maybe clarify this one please?
Many thanks,

- Vince

[cPanelDavidG]

Could someone from cPanel support maybe clarify this one please?
Many thanks,

- Vince

As mentioned on that thread, SSL certificates require a dedicated IP address and we only support 1 IP address per cPanel account at this time.

[mambovince]

As mentioned on that thread, SSL certificates require a dedicated IP address and we only support 1 IP address per cPanel account at this time.

Hi David,
Thanks for reply.
I understand it can only be 1 IP per account, but does that also mean we can still asign an SSL cert to that IP but use it for an addon domain instead of the main domain??

How I was clear.
Many thanks,

- Vince

[Janak]

Let me explain.

Add on domain will be created as a sub domain inside the main domain, so probably it will use the same shared IP address of main domain. You will have to create separate account in cPanel after removing it from the Add on domain. I think this is the only way to install SSL certificate on it.

[cPanelDavidG]

Unfortunately, we do not natively support placing SSL certificates on add-on domains at this time.

[InstaCarma_Tech]

As cPanelDavidG said, this cannot be done directly through cPanel/WHM .
May be you can try this :

If suppose your cPanel account username is “USER” and domains are:

maindomain.tld
addondomain1.tld
addondomain2.tld

Then you have to edit the following files using vim or pico editor :

/var/cpanel/userdata/USER/maindomain.tld
/var/cpanel/userdata/USER/subdomain1.maindomain.tld
/var/cpanel/userdata/USER/subdomain2.maindomain.tld

And change the IP field to in each to your desired one.
Then you have to rebuild apache using /scripts/rebuildhttpdconf
Restart apache service.
Edit DNS zone file of each domain and point A record to the new IP.

That should be it! All your domains should work flawlessly and you should also be able to install SSL , if required.

[quicktiming]

Unfortunately, we do not natively support placing SSL certificates on add-on domains at this time.

So if my primary domain is https://domain.com and it has the dedicated IP and security certificate, and the addon is also available by going to https://domain.com/addon will the security certificate still show a miss-match?

While this isn't a particularly elegant solution, its seems better than the alternative my host provider is offering... either to turn my server upside down by changing the primary domain or moving the add-on domain to another server all together.

Clifford VanMeter
Butler Graphics, Inc.

[cPanelDavidG]

So if my primary domain is https://domain.com and it has the dedicated IP and security certificate, and the addon is also available by going to https://domain.com/addon will the security certificate still show a miss-match?

While this isn't a particularly elegant solution, its seems better than the alternative my host provider is offering... either to turn my server upside down by changing the primary domain or moving the add-on domain to another server all together.

Clifford VanMeter
Butler Graphics, Inc.

If you access the addon domain via that URL (which would be possible if you set its document root to ~/public_html/addon), then there shouldn't be an issue.

However, if you access it via https://addondomain.com directly, the browser may try to find the certificate for addondomain.com before redirecting to domain.com/addon and thus cause issues. I haven't tested this scenario myself.

[quicktiming]

As cPanelDavidG said, this cannot be done directly through cPanel/WHM .
May be you can try this :

If suppose your cPanel account username is “USER” and domains are:

maindomain.tld
addondomain1.tld
addondomain2.tld

Then you have to edit the following files using vim or pico editor :

/var/cpanel/userdata/USER/maindomain.tld
/var/cpanel/userdata/USER/subdomain1.maindomain.tld
/var/cpanel/userdata/USER/subdomain2.maindomain.tld

And change the IP field to in each to your desired one.
Then you have to rebuild apache using /scripts/rebuildhttpdconf
Restart apache service.
Edit DNS zone file of each domain and point A record to the new IP.

That should be it! All your domains should work flawlessly and you should also be able to install SSL , if required.

While I'm not opposed to hacking the server a little, this doesn't seem to be a viable solution for me. I find my configuration to be /var/cpanel/users/username and username is a read only file, not a directory.

Also, I found this in another posting --

Open the vhost template corresponding to your domain/addon domain in /var/cpanel/userdata/%username%/%domain_name%.

Locate the line with the IP address, and change it to a dedicated IP.

Run /scripts/rebuildhttpdconf to rebuild the Apache config, and then restart Apache for the changes to take effect.

You will now be able to install an SSL certificate on both the main domain and the addon domain.

It doesn't seem to work either. Is my host provider using some screwy configuration, or have upgrades made these methods obsolete?

Clifford VanMeter
Butler Graphics, Inc.

[nopster]

It may not be elegant, but I noticed, by accident, a while back that cpanel allows you to create a separate account that is a subdomain.

Being a separate account means you can easily assign it a dedicated IP regardless of what the main account is using (shared or dedicated), and install ssl on the subdomain directly without a hassle.

Perhaps that workaround would work for some folks.