How do i install Wildcard SSL on WHM

Gus

Member
Jun 13, 2004
8
0
151
Sherman Oaks, California
I am trying to install a wildcard SSL cert on my WHM/Cpanel server but when i do use the process in WHM i dont get my domains resolving to the cert.
For example my cert is set for *.mydomain.com
but when i use this Https://support.mydomain.com it does not use the cert but instead returns an Error 404. I'm on RedHat 9.0 Apache 1.3.29.Thanks
 

easyhoster1

Well-Known Member
Sep 25, 2003
656
0
166
Wild cards require some work in httpd.

Once you install the cert for the domain.com
you also need to add the sub-domain in whm

Add the account with its on IP# support.mydomain.com

Once done, you need to add the ssl directive for
support.mydomain.com in httpd.conf.

Make sure you restart the ssl from apache when you finish editing the http.conf
 

Gus

Member
Jun 13, 2004
8
0
151
Sherman Oaks, California
if its not a bother can u show me how this would be configured

<VirtualHost 216.109.127.29>
BytesLog domlogs/pm.mydomain.com-bytes_log
ServerName pm.mydomain.com
ServerAlias www.pm.mydomain.com
ServerAdmin [email protected]
DocumentRoot /home/mydomain/public_html/pm
CustomLog domlogs/pm.mydomain.com combined
ScriptAlias /cgi-bin/ /home/mydomain/public_html/pm/cgi-bin/
User mydomain
Group mydomain
</VirtualHost>
what changes would i have to make in order for this to work using the wild card cert.Thanks for your help
 

easyhoster1

Well-Known Member
Sep 25, 2003
656
0
166
Right underneath your domains entry, add the following for the ssl

<VirtualHost 216.109.127.29>
BytesLog domlogs/pm.mydomain.com-bytes_log
ServerName pm.mydomain.com
ServerAlias www.pm.mydomain.com
ServerAdmin [email protected]
DocumentRoot /home/mydomain/public_html/pm
CustomLog domlogs/pm.mydomain.com combined
ScriptAlias /cgi-bin/ /home/mydomain/public_html/pm/cgi-bin/
User mydomain
Group mydomain
</VirtualHost>

Enter here;

<IfDefine SSL>
<VirtualHost 216.109.127.29:443>
ServerAdmin [email protected]www.domain.com
DocumentRoot /home/user/public_html
BytesLog domlogs/domain.com.net-bytes_log
User username
Group username
ServerName www.domain.com
ScriptAlias /cgi-bin/ /home/username/public_html/cgi-bin/
CustomLog /usr/local/apache/domlogs/www.domain.com-ssl_log "%t %{version}c %{cipher}c %{clientcert}c"
User username
Group username
SSLEnable
SSLCertificateFile /usr/share/ssl/certs/www.domain.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/www.domain.com.key
SSLCACertificateFile /usr/share/ssl/certs/www.domain.com.cabundle
SSLLogFile /var/log/www.domain.com
UserDir public_html
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>
</IfDefine>

Make sure you change the above for the username and domain name. Becareful of word wrapping in the config file.
Also, make sure the path to the cert is correct, as on FREEBSD
this is the path to ours.

When adding sub-domains under the SSL, just use the above
directive in the config as each sub-domain will require its own IP#

Hope this helps
 

techweb

Member
Feb 12, 2005
8
0
151
I installed this just like it was posted here and the strange thing is that it works fine for IE but FireFox does not work.
 

easyhoster1

Well-Known Member
Sep 25, 2003
656
0
166
techweb said:
I installed this just like it was posted here and the strange thing is that it works fine for IE but FireFox does not work.
Our wildcards come up fine in Firefox. Where did you get your cert from?...You may want to check with the issuer to see if their certs work in FireFox.
 

epak

Member
Jun 24, 2004
15
0
151
So this can only be done if each sub domain has an ip assigned to it?
Just wanting to verify.

But how does whm assign multiple ips to one account?
 

easyhoster1

Well-Known Member
Sep 25, 2003
656
0
166
epak said:
So this can only be done if each sub domain has an ip assigned to it?
Just wanting to verify.

But how does whm assign multiple ips to one account?
Yes, thats correct...each sub-domain requires its own IP.

In WHM, create a new account for the sub-domain, check off the IP box and choose the next IP in the drop down box Ip Address (only for new ip-based accounts). This will work when you created your package to assign a IP address.