The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Install a SSL Certificate and Setup the Domain

Discussion in 'General Discussion' started by BFF, Aug 26, 2008.

  1. BFF

    BFF Registered

    Joined:
    Nov 17, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi,
    I've a very recently setup WHM Cpanel server.
    WHM 11.23.2 cPanel 11.23.6-R26829
    CENTOS Enterprise 5.2 i686 on standard - WHM X v3.1.0

    I only have (and want) one domain on it. I can generate an SSL certificate for mydomain.co.uk. When I try the "Install a SSL Certificate and Setup the Domain" I get an error:
    Sorry, you must have a dedicated ip to use this feature!
    SSL Install aborted due to error.


    This is not a VDS it's a dedicated server. I have an IP for myself, but WHM doesn't seem to think so.

    I have server.mydomain.co.uk as the hostname, in the one DNS zone.
    I can connect to only https://server.mydomain.co.uk:2087/ securely.
    Everything else refuses to connect (securely), even https://server.mydomain.co.uk:2083/
    But http://mydomain.co.uk or http://cpanel.mydomain.co.uk etc. work perfectly.

    Any advice would be appreciated. Thanks.
     
    #1 BFF, Aug 26, 2008
    Last edited: Aug 26, 2008
  2. JayLevine

    JayLevine Active Member

    Joined:
    Nov 25, 2002
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    New Mexico
    Sounds to me like you have your domain setup on the shared IP for the server.

    I think you'll have to move the domain/account to its own IP address.

    That would be a dedicated IP address.

    Jay
     
  3. BFF

    BFF Registered

    Joined:
    Nov 17, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I follow, but what I can't understand is why I can't even use a wrong certificate to reach anything other than port :2087

    If I go in with the IP address http://myIP:2087 itworks, but http://myIP:2082 (for cpanel?) wont work. [correction, it's https://myIP:2083 that wont work.]



    Going back to "Installing SSL Certificate" If I try and install one for the hostname (server.mydomain.co.uk) I get this error:
    The specified domain is not configured on the system.

    It is the hostname and it is in the DNS (with an A record) of my mydomain.co.uk.

    So is moving my domain onto a new IP the only way to install a Certificate that can be then shared? :confused:
     
    #3 BFF, Aug 27, 2008
    Last edited: Aug 27, 2008
  4. ralphlw

    ralphlw Member

    Joined:
    Jan 2, 2008
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    New Feature?

    I have this very same issue. I have always been able to install to the shared ip of the server just sometimes the ssl doesn't work and brings up the first set up domain name, which I'm fine with. I should be able to install an ssl on the shared ip of the server.
     
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    This is a change made in 11.23.6. The "Install SSL" function in WHM will only allow installing SSL Certificates on cPanel account domains that have a dedicated IP Address. The Shared IP address is not considered a dedicated IP Address.

    One can still install a SSL Certificate for user nobody on arbitrary domains.

    An aside: managing SSL Certificates for the cPanel/WHM/Webmail ports is done with a different interface.
     
  6. BFF

    BFF Registered

    Joined:
    Nov 17, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I set up the host name as server.mydomain.co.uk before making the account for mydomain.co.uk. Would that explain why I can only connect securly to port 2087?
     
  7. jfoc

    jfoc Well-Known Member

    Joined:
    Sep 17, 2004
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    How about if only have 1 ip address? This is possible with older WHM, how to make this working may be with manual?

    thank you
     
  8. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    You could likely add an appropriate SSL VirtualHost to one of the Apache Include files (include editor is in WHM, Service Configuration, Apache Setup).
     
  9. jfoc

    jfoc Well-Known Member

    Joined:
    Sep 17, 2004
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    It's working
    thanks
     
  10. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    Should not the first virtual host in the lineup be considered dedicated to that IP ? Why has this changed and why hasn't the change been clearly outlined within the changelog or directly to customers via other means ?
     
  11. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    SSL Certificates are for dedicated IP Addresses only. The fact that the old (pre-11.23.6) SSL Installer allowed certificates to be installed on arbitrary cPanel-managed domains was a bug.

    SSL Certificates can still be installed on any IP Address on the system, provided the user is nobody. If you exercise this feature, be aware that if a SSL Certificate is already installed on the selected IP Address the code will consider the install to be a request to upgrade the existing certificate files and will do just that.
     
  12. webstyler

    webstyler Well-Known Member

    Joined:
    Nov 20, 2003
    Messages:
    432
    Likes Received:
    0
    Trophy Points:
    16
    Hello

    I have installed RapidSSL certificate on domain..

    This domain not have ipd dedicated so we have used "nobody" and all is ok :)

    The domain is similar to mymail.domainname.com

    Is possible to get https://mymail.domainname.com/ex.html and NOT to get http://mymail.domainname.com/ex.html
    Think this right .. ?

    But, the really problem is that if I try to open
    https://mymail.domainname.com:2096
    I get and error because certificate is not the last installed (for domain) but the server default (as ms1.dom.com) ..

    HOW can I set certificate also for 2083/2096 only for domain mymail.domainname.com ??

    Thanks for any help/suggest
     
  13. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    We don't support per-domain SSL Certificates for the cPanel, WHM or Webmail services at this time.
     
  14. webstyler

    webstyler Well-Known Member

    Joined:
    Nov 20, 2003
    Messages:
    432
    Likes Received:
    0
    Trophy Points:
    16
    uhm.. Ok

    what's solutions ?

    what kind of ssl certificate we must buy ?

    thanks
     
  15. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    There is no solution for this at this time. The SSL Certificates for cPanel, WHM and Webmail are not handled by Apache and must be installed using the Manage Service SSL Certificates interface in WHM. This interface only allows a single SSL Certificate per service.
     
  16. webstyler

    webstyler Well-Known Member

    Joined:
    Nov 20, 2003
    Messages:
    432
    Likes Received:
    0
    Trophy Points:
    16
    So, we can buy and install SSL certificate but is possible to assign only for single service with "hostname" as sv1.masterdomain.com .. right ?

    The problem is that the certificate is ok only for hostname so when user access to webmail or cpanel, the browser indicate that domain is different

    :(
     
  17. h4f

    h4f Well-Known Member

    Joined:
    Jun 5, 2007
    Messages:
    63
    Likes Received:
    0
    Trophy Points:
    6
    When do you expect that it is going to be supported.

    RIPE (European IP Regional Internet Registries) only advised 2 IP's per server or to upgrade to IPv6.

    With 100 customers on one server that want a SSL certificate you have to waste allot of IP's.
     
  18. Curious Too

    Curious Too Well-Known Member

    Joined:
    Aug 31, 2001
    Messages:
    427
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    How does cpanel determine which IPs are dedicated? I have customers who have only 1 IP address that's dedicated just to them and one hosting account but they can't install certificates because whm thinks their IP is a shared IP.

     
  19. ispro

    ispro Well-Known Member

    Joined:
    Apr 8, 2004
    Messages:
    628
    Likes Received:
    1
    Trophy Points:
    18
    We have strange things there.

    We have one account which got Dedicated IP (it is NOT being used by other services/accounts, it is clearly listed in /var/cpanel/users/USER and /var/cpanel/userdata/USER/DOMAIN) but WHM still bitching:

    Sorry, you must have a dedicated ip to use this feature for the user: assist! If you are intending to install a shared certificate you must use the username "nobody" for security and bandwidth reporting reasons.

    But it is not the case! Account do have dedicated IP! Could be the problem related to the fact we installing certificate for www.DOMAIN (which anyway is the alias for DOMAIN and there are no separate account for www.DOMAIN)?
     
  20. ispro

    ispro Well-Known Member

    Joined:
    Apr 8, 2004
    Messages:
    628
    Likes Received:
    1
    Trophy Points:
    18
    ...we also run Apache on port 81 (0.0.0.0:81 in WHM config) if this is interesting for you.
     
Loading...

Share This Page