The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to setup a shared SSL?

Discussion in 'General Discussion' started by Secret Agent, Oct 14, 2004.

  1. Secret Agent

    Secret Agent Guest

    Does anyone know how to setup a shared SSL in WHM?

    I have the 128-bit SSL itself already. How would I share it among several domains?
     
  2. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    576
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Mbelitar
    You can try document at CodeWalkers

    It's works for me :D
     
  3. Secret Agent

    Secret Agent Guest

    That shows nothing about shared SSL. Please explain if I'm missing something
     
  4. perlchild

    perlchild Well-Known Member

    Joined:
    Sep 1, 2002
    Messages:
    279
    Likes Received:
    0
    Trophy Points:
    16
    The SSL certificate itself is not shared at install, once you've installed a regular ssl certificate, you can share it, through aliasing/rewrite/redirection/userdir tricks. But nothing about the certificate itself is shared. You just use a regular ssl certificate to share contents that belong to other web hosts on the same machine.

    Just my two cents.
     
  5. Secret Agent

    Secret Agent Guest

    Yes I know the SSL itself is not shared. My question was how do I setup SSL to be shared like the methods you mentioned.

    I want to use some IP method to share the SSL. How do I do this?
     
  6. perlchild

    perlchild Well-Known Member

    Joined:
    Sep 1, 2002
    Messages:
    279
    Likes Received:
    0
    Trophy Points:
    16
    What do you mean by ip method??
     
  7. Secret Agent

    Secret Agent Guest

    Well, to disguise instead of using my actual domain or having to register another domain for the other users who will use the shared SSL.

    I never setup an ssl to be shared so I am asking for assistance
     
  8. perlchild

    perlchild Well-Known Member

    Joined:
    Sep 1, 2002
    Messages:
    279
    Likes Received:
    0
    Trophy Points:
    16
    I'm pretty sure I don't understand you right, since the exact point of ssl is certifiying that an actual domain is the server that was registered for this one domain, disguising is something that SSL is supposed to PREVENT.
    If you share your ssl, everyone is supposed to be able to see your domain in the certificate itself, that's a design goal and a design feature of SSL itself, SSL is meant to prevent your users from pretending to be you(so they can get sued instead of you if someone's money gets stolen).
    How well it can be done in a world of clueless users is debatable, but the original design goals remain.
    You can share an ssl with
    https://yourdomain.com/~user/
    using the cpanel userdir tweak
    or like I do, with mod_rewrite rewrite rules as
    https://yourdomain.com/otherdomain.com/user/
    But there is no disguising. If it was possible, visa, MC, ebay and hotmail would be working on a new standard as we speak.
     
  9. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    576
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Mbelitar
    You can use document that i told you. Yes, you must do it manually from SSH for every domain.

    After that edit httpd.conf and add below code for every domain you add between
    <IfDefine SSL> and </IfDefine SSL> :

    Change sharedIPhere with your shared IP and the exact location of your Cert File.

    Code:
    <VirtualHost sharedIPhere:443>
    ServerAdmin webmaster@domain.com
    DocumentRoot /home/domain/public_html
    BytesLog domlogs/domain.com-bytes_log
    ServerName www.domain.com
    CustomLog /usr/local/apache/domlogs/domain.com-ssl_log "%t %{version}c %{cipher}c %{clientcert}c"
    User domain
    Group domain
    <IfModule mod_userdir.c>
    Userdir disabled
    Userdir enabled domain
    </IfModule>
    SSLEnable
    SSLCertificateFile /usr/local/apache/keys/domain.com.cert
    SSLCertificateKeyFile /usr/local/apache/keys/domain.com.key
    SSLLogFile /var/log/domain.com
    UserDir public_html
    ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    </VirtualHost>
    
    I hope this can help you :D
     
Loading...

Share This Page