Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

AutoSSL for proxy / subdomains such as whm cpanel and webmail

Discussion in 'Security' started by Mike_ACC, Nov 16, 2016.

Tags:
  1. Mike_ACC

    Mike_ACC Member

    Joined:
    Nov 20, 2015
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    I think I may be confused by wording. In this blog post SSL certificate per domain on cpanel, webmail, dav, caldav, and whm services (SNI). from benny@cpanel it says "cPanel, WHM, webmail, webdav and caldav all use domain-specific SSLs now.". However it also says (later) proxy subdomains are not included. My main domain gets SSL no problem but whm.domain reports certificate error. I raised this with support and they suggested to remove the A record for whm and recreate it as a subdomain.

    Does this mean that whm. cpanel. etc are considered as proxy subdomains and, therefore, not currently supported by AutoSSL?
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,116
    Likes Received:
    1,932
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Mike_ACC,

    cPanel version 60 introduced the Domain TLS functionality to provide SNI functionality for the following services (including mail.domain.tld subdomain):

    • cpsrvd — cPanel, WHM, and Webmail logins and interfaces.
    • cpdavd — Calendar, Contacts, and Web Disk services.
    • exim — Mail transfer and receiving services.
    • dovecot — Mailbox service.
    For instance, someone browsing to domain.tld/cpanel would benefit from this. AutoSSL support for proxy subdomains (e.g. cpanel.domain.tld) is not yet available. That's planned for the future, and can be tracked at:

    Allow to make certificate for subdomains like cPanel.example.com and mail.Example.com

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Mike_ACC

    Mike_ACC Member

    Joined:
    Nov 20, 2015
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Ah, light dawns. So mydomain.tld/webmail and mydomain.tld/cpanel (for example) should work "out of the box" with AutoSSL (as does the :2083 :2087 port connections). But if I wanted to use webmail.mydomain.tld I have to do the workround suggested by support and set it up as subdomain.
    Thanks for the illumination.
     
    cPanelMichael likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice