Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Best way to setup shared IP addresses for SSL?

Discussion in 'Bind/DNS/Nameserver' started by slinky, Dec 22, 2015.

  1. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    74
    Likes Received:
    1
    Trophy Points:
    58
    I'm having some challenges getting something I'll need to have occur often setup reliably -- setting up a shared IP address dedicated for domains using SSL. I have read a couple of issues with CPanel and SNI which also make me hesitant to use shared IP addresses for SSL (and to some degree, have to question the true level of "security" by doing so, but that's another question.) Can anyone point to a FAQ, page or recommend the way for an admin to set up accounts so that they can share an IP address for different sites using SSL?
     
  2. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    74
    Likes Received:
    1
    Trophy Points:
    58
    So I found this document that tells you how to set up NEW accounts using resellers which I'm not altogether clear about but it also doesn't answer the question of how to combine existing accounts that are set up using WHM and currently have their own dedicated IP address.
     
  3. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    74
    Likes Received:
    1
    Trophy Points:
    58
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,896
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    You could temporarily change the shared IPv4 address configured via:

    "WHM Home » Server Configuration » Basic cPanel & WHM Setup"

    Then, assign the accounts of your choosing to the IP address, and setup the SSL certificates. Note this document may also help:

    SSL FAQ and Troubleshooting - Documentation - cPanel Documentation

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    74
    Likes Received:
    1
    Trophy Points:
    58
    Michael - Thanks. I decided to take down the sites and reset them up under private resellers. But there is a huge problem, which is reiterated above:

    SSL+SNI and sites without SSL installed on the same IP -> Shows another user's site potentially.

    If any IP address is shared with non-ssl sites, the http request goes to another website that is first registered. So if you had https / first.com registered first and then you were trying to add second.com, you can't validate or verify second.com at any stage. It's a serious bug. You register a new domain, download the Google file to verify or from Comodo to verify ownership of the domain. The second.com / textfile.html URL does NOT work. Instead, you get a redirection to first.com saying you have a setup error. So the author of that thread was absolutely correct. Serious problem that needs resolution.
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,896
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice