AutoSSL not including 'whm' subdomain?

tribey2

Member
Feb 4, 2015
9
0
1
cPanel Access Level
Root Administrator
Hello,

I've run AutoSSL on my server with Let's Encrypt for around a year now and it's mostly great with my 10 domains or so. Each domain automatically gets a certificate from AutoSSL for:

  • The primary domain
  • Any subdomain created within the CPanel account for that domain
  • WWW prefixes for the primary domain and any subdomain
  • Service subdomains: cpanel.* mail.* webdisk.* webmail.*

However, the service subdomain for WHM (whm.*) is not included for any domain, so every time I access whm I have to click through the 'NOT SECURE' page and get the huge red warnings.

So I guess my question(s) is:

(1) How can I get autoSSL to include the whm.* subdomain automatically for all domains?

(2) If that's not possible, can I do this for just one domain and still get it to renew automatically through AutoSSL?
(3) If that's not possible either, can I get AutoSSL to just generate a wildcard certificate for every domain so that every subdomain is covered?

Any help greatly appreciated! I've searched the forums and checked the docs but can't seem to find a solution. I'm surprised whm.* doesn't just get included within the 'service subdomains' like cpanel and webdisk?!
 

tribey2

Member
Feb 4, 2015
9
0
1
cPanel Access Level
Root Administrator
I've just had an 'Oh' moment.

Is this because people don't usually access WHM by going to https://whm.mydomain.com? Do they instead go to https://mydomain.com:2087 ?

Or is it because people just use the IP 192.168.2.1:2087 to access WHM? Or the hostname: https://host.mydomain.com:2087 ?

I've no idea how I got into the whm.mydoamin.com habit - I've been doing this for years, but having looked at the 'Accessing WHM' docs I can see it's not even mentioned now!

If this is the case, what's the most common method of accessing WHM & CPANEL if not via subdomains?

I have a single DO droplet that hosts WHM and a few CPanel accounts, so any guidance here around best practice would be great!
 

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,274
1,295
313
Houston
Typically users will access WHM specifically by going to the hostname. AutoSSL will cover whm.domain.tld in the event that the user associated with that domain is a reseller.
 

tribey2

Member
Feb 4, 2015
9
0
1
cPanel Access Level
Root Administrator
Typically users will access WHM specifically by going to the hostname. AutoSSL will cover whm.domain.tld in the event that the user associated with that domain is a reseller.
Thanks Lauren - that's really helpful. I guess I've just been doing it the same way and never really thought too much into it! So to clarify when you say via the hostname, you mean via https://hostname.tld.com:2087 ?

As an aside, if I just visit the hostname in my browser without the 2087 port, I get the 'SORRY! If you are the owner of this website, please contact your hosting provider' page. Is this expected behaviour? Is there a way of putting something different here?
 

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,274
1,295
313
Houston
Thanks Lauren - that's really helpful. I guess I've just been doing it the same way and never really thought too much into it! So to clarify when you say via the hostname, you mean via https://hostname.tld.com:2087 ?
You're most welcome!

Yes when I say via the hostname I mean https://host.name.tld:2087

As an aside, if I just visit the hostname in my browser without the 2087 port, I get the 'SORRY! If you are the owner of this website, please contact your hosting provider' page. Is this expected behaviour? Is there a way of putting something different here?
The default page is the expected behavior as the hostname shouldn't have a site or even a redirect attached to it. What you could potentially do is modify the default page at WHM>>Account Functions>>Web Template Editor