AutoSSL not including 'whm' subdomain?

[tribey2]

Hello,

I've run AutoSSL on my server with Let's Encrypt for around a year now and it's mostly great with my 10 domains or so. Each domain automatically gets a certificate from AutoSSL for:

• The primary domain
• Any subdomain created within the CPanel account for that domain
• WWW prefixes for the primary domain and any subdomain
• Service subdomains: cpanel.* mail.* webdisk.* webmail.*

However, the service subdomain for WHM (whm.*) is not included for any domain, so every time I access whm I have to click through the 'NOT SECURE' page and get the huge red warnings.

So I guess my question(s) is:

(1) How can I get autoSSL to include the whm.* subdomain automatically for all domains?

(2) If that's not possible, can I do this for just one domain and still get it to renew automatically through AutoSSL?
(3) If that's not possible either, can I get AutoSSL to just generate a wildcard certificate for every domain so that every subdomain is covered?

Any help greatly appreciated! I've searched the forums and checked the docs but can't seem to find a solution. I'm surprised whm.* doesn't just get included within the 'service subdomains' like cpanel and webdisk?!

 

[tribey2]

I've just had an 'Oh' moment.

Is this because people don't usually access WHM by going to https://whm.mydomain.com? Do they instead go to https://mydomain.com:2087 ?

Or is it because people just use the IP 192.168.2.1:2087 to access WHM? Or the hostname: https://host.mydomain.com:2087 ?

I've no idea how I got into the whm.mydoamin.com habit - I've been doing this for years, but having looked at the 'Accessing WHM' docs I can see it's not even mentioned now!

If this is the case, what's the most common method of accessing WHM & CPANEL if not via subdomains?

I have a single DO droplet that hosts WHM and a few CPanel accounts, so any guidance here around best practice would be great!

 

[cPanelLauren]

Typically users will access WHM specifically by going to the hostname. AutoSSL will cover whm.domain.tld in the event that the user associated with that domain is a reseller.

 

[tribey2]

Typically users will access WHM specifically by going to the hostname. AutoSSL will cover whm.domain.tld in the event that the user associated with that domain is a reseller.

Thanks Lauren - that's really helpful. I guess I've just been doing it the same way and never really thought too much into it! So to clarify when you say via the hostname, you mean via https://hostname.tld.com:2087 ?

As an aside, if I just visit the hostname in my browser without the 2087 port, I get the 'SORRY! If you are the owner of this website, please contact your hosting provider' page. Is this expected behaviour? Is there a way of putting something different here?

 

[cPanelLauren]

Thanks Lauren - that's really helpful. I guess I've just been doing it the same way and never really thought too much into it! So to clarify when you say via the hostname, you mean via https://hostname.tld.com:2087 ?

You're most welcome!

Yes when I say via the hostname I mean https://host.name.tld:2087

As an aside, if I just visit the hostname in my browser without the 2087 port, I get the 'SORRY! If you are the owner of this website, please contact your hosting provider' page. Is this expected behaviour? Is there a way of putting something different here?

The default page is the expected behavior as the hostname shouldn't have a site or even a redirect attached to it. What you could potentially do is modify the default page at WHM>>Account Functions>>Web Template Editor