I'm having some challenges getting something I'll need to have occur often setup reliably -- setting up a shared IP address dedicated for domains using SSL. I have read a couple of issues with CPanel and SNI which also make me hesitant to use shared IP addresses for SSL (and to some degree, have to question the true level of "security" by doing so, but that's another question.) Can anyone point to a FAQ, page or recommend the way for an admin to set up accounts so that they can share an IP address for different sites using SSL?
So I found this document that tells you how to set up NEW accounts using resellers which I'm not altogether clear about but it also doesn't answer the question of how to combine existing accounts that are set up using WHM and currently have their own dedicated IP address.
Here is another area of concern regarding SNI and shared IP addresses for SSL. I'm wondering if it isn't a good idea to try to put all SSL sites on one IP address and the way to set that up. And then there is this thread which is enough to make your head spin on the best way to set these things up.
Hello 
You could temporarily change the shared IPv4 address configured via:
"WHM Home » Server Configuration » Basic cPanel & WHM Setup"
Then, assign the accounts of your choosing to the IP address, and setup the SSL certificates. Note this document may also help:
SSL FAQ and Troubleshooting - Documentation - cPanel Documentation
Thank you.
You could temporarily change the shared IPv4 address configured via:
"WHM Home » Server Configuration » Basic cPanel & WHM Setup"
Then, assign the accounts of your choosing to the IP address, and setup the SSL certificates. Note this document may also help:
SSL FAQ and Troubleshooting - Documentation - cPanel Documentation
Thank you.
Michael - Thanks. I decided to take down the sites and reset them up under private resellers. But there is a huge problem, which is reiterated above:
SSL+SNI and sites without SSL installed on the same IP -> Shows another user's site potentially.
If any IP address is shared with non-ssl sites, the http request goes to another website that is first registered. So if you had https / first.com registered first and then you were trying to add second.com, you can't validate or verify second.com at any stage. It's a serious bug. You register a new domain, download the Google file to verify or from Comodo to verify ownership of the domain. The second.com / textfile.html URL does NOT work. Instead, you get a redirection to first.com saying you have a setup error. So the author of that thread was absolutely correct. Serious problem that needs resolution.
SSL+SNI and sites without SSL installed on the same IP -> Shows another user's site potentially.
If any IP address is shared with non-ssl sites, the http request goes to another website that is first registered. So if you had https / first.com registered first and then you were trying to add second.com, you can't validate or verify second.com at any stage. It's a serious bug. You register a new domain, download the Google file to verify or from Comodo to verify ownership of the domain. The second.com / textfile.html URL does NOT work. Instead, you get a redirection to first.com saying you have a setup error. So the author of that thread was absolutely correct. Serious problem that needs resolution.
That question is addressed in the URL provided in my previous post. In particular, this section:
SSL FAQ and Troubleshooting - Documentation - cPanel Documentation.
Could you let us know if that helps to explain the issue?
Thank you.
SSL FAQ and Troubleshooting - Documentation - cPanel Documentation.
Could you let us know if that helps to explain the issue?
Thank you.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| S | Best method to remove from domain zone | Domain Management | 5 | |
| R | Best Way to Setup Subdomains? | Domain Management | 1 | |
| A | Took my best shot, DNS Setup Advice Please! | Domain Management | 1 | |
| H | best way to setup DNS | Domain Management | 8 | |
| W | How to setup subdomain accounts best practice? | Domain Management | 5 |