The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Best way to setup shared IP addresses for SSL?

Discussion in 'Bind / DNS / Nameserver Issues' started by slinky, Dec 22, 2015.

  1. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    I'm having some challenges getting something I'll need to have occur often setup reliably -- setting up a shared IP address dedicated for domains using SSL. I have read a couple of issues with CPanel and SNI which also make me hesitant to use shared IP addresses for SSL (and to some degree, have to question the true level of "security" by doing so, but that's another question.) Can anyone point to a FAQ, page or recommend the way for an admin to set up accounts so that they can share an IP address for different sites using SSL?
     
  2. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    So I found this document that tells you how to set up NEW accounts using resellers which I'm not altogether clear about but it also doesn't answer the question of how to combine existing accounts that are set up using WHM and currently have their own dedicated IP address.
     
  3. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You could temporarily change the shared IPv4 address configured via:

    "WHM Home » Server Configuration » Basic cPanel & WHM Setup"

    Then, assign the accounts of your choosing to the IP address, and setup the SSL certificates. Note this document may also help:

    SSL FAQ and Troubleshooting - Documentation - cPanel Documentation

    Thank you.
     
  5. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    Michael - Thanks. I decided to take down the sites and reset them up under private resellers. But there is a huge problem, which is reiterated above:

    SSL+SNI and sites without SSL installed on the same IP -> Shows another user's site potentially.

    If any IP address is shared with non-ssl sites, the http request goes to another website that is first registered. So if you had https / first.com registered first and then you were trying to add second.com, you can't validate or verify second.com at any stage. It's a serious bug. You register a new domain, download the Google file to verify or from Comodo to verify ownership of the domain. The second.com / textfile.html URL does NOT work. Instead, you get a redirection to first.com saying you have a setup error. So the author of that thread was absolutely correct. Serious problem that needs resolution.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page