Install SSL Bundle CA without httpd.conf?

[emdeex]

I'm a cpanel reseller, with access to WHM and a jailshell SSH account.

I installed a Comodo SSL certificate for one of my client domains. That part seems to work.

Browsers give the error "you don't trust this certificate".

Most threads say to fix this, I need to modify httpd.conf, to add the Comodo CA bundle.

Can I do this without the server super-admin?

Thanks,
emdeex

[gorilla]

no , you will need root access for that !

[emdeex]

The webhost and Comodo say I dont need root.

I just need to post the CA bundle into the CA bundle field in WHM.

I'm doing that, and it says "updating certificate only"...

but no good result.

Comodo are asking, "are their any other certificates installed on that server?", well how would I know, I assume so, since its a webhosting company, but what difference does it make?

[dezignguy]

You can only install one SSL cert per ip... do you have a dedicated ip?

If there's already an ssl cert on that ip usually it'll load the first cert in the list... check your certificate in your browser and see if it's actually yours.

[projectandrew]

For reference:

FAQ: Can I have multiple SSL sites sharing one IP address?
http://www.unofficial-support.com/node/28

[emdeex]

Yes, it is on its own IP address.

OK, so I spent hours with Comodo online support, and they couldnt get it to work. They finally suggested that I get the webhost to edit the httpd.conf files.

The webhost didnt want to do that, cause they said it should work via WHM.

So I decided I'd try one last thing.

I asked the webhost to delete the certificate from that IP. They did that.

I waited a few hours, then went and reinstalled the certificate, the key, and the certificate bundle from Comodo via WHM.

I used the certificate (www_xxxx_com.crt) and the bundle (ComodoSecurityServicesCA.crt) as supplied on the zipfile in the email from Comodo.

"Do It"

And its working. No more asking about "you dont trust this certificate" etc. Just straight through to the HTTPS page.

So what happened? No idea, a flaw with Cpanel is the only thing I can see. As I reinstalled the certs many times to no avail. Only when the webhost deleted the cert, and then I reinstalled did it start to work. WHM 9.9.9 cPanel 9.9.9-R14 RedHat 9 i686 - WHM X v3.1.0.