The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Install a SSL Certificate and Setup the Domain

Discussion in 'General Discussion' started by BFF, Aug 26, 2008.

Page 1 of 2
  1. BFF

    BFF Registered

    Joined:
    Nov 17, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    Hi,
    I've a very recently setup WHM Cpanel server.
    WHM 11.23.2 cPanel 11.23.6-R26829
    CENTOS Enterprise 5.2 i686 on standard - WHM X v3.1.0

    I only have (and want) one domain on it. I can generate an SSL certificate for mydomain.co.uk. When I try the "Install a SSL Certificate and Setup the Domain" I get an error:
    Sorry, you must have a dedicated ip to use this feature!
    SSL Install aborted due to error.

    This is not a VDS it's a dedicated server. I have an IP for myself, but WHM doesn't seem to think so.

    I have server.mydomain.co.uk as the hostname, in the one DNS zone.
    I can connect to only https://server.mydomain.co.uk:2087/ securely.
    Everything else refuses to connect (securely), even https://server.mydomain.co.uk:2083/
    But http://mydomain.co.uk or http://cpanel.mydomain.co.uk etc. work perfectly.

    Any advice would be appreciated. Thanks.
     
    #1 BFF, Aug 26, 2008
    Last edited: Aug 26, 2008
  2. JayLevine

    JayLevine Active Member

    Joined:
    Nov 25, 2002
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    New Mexico
    Sounds to me like you have your domain setup on the shared IP for the server.

    I think you'll have to move the domain/account to its own IP address.

    That would be a dedicated IP address.

    Jay
     
    #2 JayLevine, Aug 27, 2008
  3. BFF

    BFF Registered

    Joined:
    Nov 17, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    I follow, but what I can't understand is why I can't even use a wrong certificate to reach anything other than port :2087

    If I go in with the IP address http://myIP:2087 itworks, but http://myIP:2082 (for cpanel?) wont work. [correction, it's https://myIP:2083 that wont work.]



    Going back to "Installing SSL Certificate" If I try and install one for the hostname (server.mydomain.co.uk) I get this error:
    The specified domain is not configured on the system.

    It is the hostname and it is in the DNS (with an A record) of my mydomain.co.uk.

    So is moving my domain onto a new IP the only way to install a Certificate that can be then shared? :confused:
     
    #3 BFF, Aug 27, 2008
    Last edited: Aug 27, 2008
  4. ralphlw

    ralphlw Member

    Joined:
    Jan 2, 2008
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    51
    New Feature?

    I have this very same issue. I have always been able to install to the shared ip of the server just sometimes the ssl doesn't work and brings up the first set up domain name, which I'm fine with. I should be able to install an ssl on the shared ip of the server.
     
    #4 ralphlw, Aug 27, 2008
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,489
    Likes Received:
    29
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    This is a change made in 11.23.6. The "Install SSL" function in WHM will only allow installing SSL Certificates on cPanel account domains that have a dedicated IP Address. The Shared IP address is not considered a dedicated IP Address.

    One can still install a SSL Certificate for user nobody on arbitrary domains.

    An aside: managing SSL Certificates for the cPanel/WHM/Webmail ports is done with a different interface.
     
    #5 cPanelKenneth, Aug 27, 2008
  6. BFF

    BFF Registered

    Joined:
    Nov 17, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    I set up the host name as server.mydomain.co.uk before making the account for mydomain.co.uk. Would that explain why I can only connect securly to port 2087?
     
    #6 BFF, Aug 27, 2008
  7. jfoc

    jfoc Well-Known Member

    Joined:
    Sep 17, 2004
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    156
    cPanel Access Level:
    Root Administrator
    How about if only have 1 ip address? This is possible with older WHM, how to make this working may be with manual?

    thank you
     
    #7 jfoc, Sep 7, 2008
  8. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,489
    Likes Received:
    29
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    You could likely add an appropriate SSL VirtualHost to one of the Apache Include files (include editor is in WHM, Service Configuration, Apache Setup).
     
    #8 cPanelKenneth, Sep 8, 2008
  9. jfoc

    jfoc Well-Known Member

    Joined:
    Sep 17, 2004
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    156
    cPanel Access Level:
    Root Administrator
    It's working
    thanks
     
    #9 jfoc, Sep 8, 2008
  10. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    318
    Should not the first virtual host in the lineup be considered dedicated to that IP ? Why has this changed and why hasn't the change been clearly outlined within the changelog or directly to customers via other means ?
     
    #10 haze, Sep 16, 2008
  11. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,489
    Likes Received:
    29
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    SSL Certificates are for dedicated IP Addresses only. The fact that the old (pre-11.23.6) SSL Installer allowed certificates to be installed on arbitrary cPanel-managed domains was a bug.

    SSL Certificates can still be installed on any IP Address on the system, provided the user is nobody. If you exercise this feature, be aware that if a SSL Certificate is already installed on the selected IP Address the code will consider the install to be a request to upgrade the existing certificate files and will do just that.
     
    #11 cPanelKenneth, Sep 17, 2008
  12. webstyler

    webstyler Well-Known Member

    Joined:
    Nov 20, 2003
    Messages:
    439
    Likes Received:
    0
    Trophy Points:
    166
    Hello

    I have installed RapidSSL certificate on domain..

    This domain not have ipd dedicated so we have used "nobody" and all is ok :)

    The domain is similar to mymail.domainname.com

    Is possible to get https://mymail.domainname.com/ex.html and NOT to get http://mymail.domainname.com/ex.html
    Think this right .. ?

    But, the really problem is that if I try to open
    https://mymail.domainname.com:2096
    I get and error because certificate is not the last installed (for domain) but the server default (as ms1.dom.com) ..

    HOW can I set certificate also for 2083/2096 only for domain mymail.domainname.com ??

    Thanks for any help/suggest
     
    #12 webstyler, Sep 18, 2008
  13. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,489
    Likes Received:
    29
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    We don't support per-domain SSL Certificates for the cPanel, WHM or Webmail services at this time.
     
    #13 cPanelKenneth, Sep 18, 2008
  14. webstyler

    webstyler Well-Known Member

    Joined:
    Nov 20, 2003
    Messages:
    439
    Likes Received:
    0
    Trophy Points:
    166
    uhm.. Ok

    what's solutions ?

    what kind of ssl certificate we must buy ?

    thanks
     
    #14 webstyler, Sep 18, 2008
  15. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,489
    Likes Received:
    29
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    There is no solution for this at this time. The SSL Certificates for cPanel, WHM and Webmail are not handled by Apache and must be installed using the Manage Service SSL Certificates interface in WHM. This interface only allows a single SSL Certificate per service.
     
    #15 cPanelKenneth, Sep 18, 2008
  16. webstyler

    webstyler Well-Known Member

    Joined:
    Nov 20, 2003
    Messages:
    439
    Likes Received:
    0
    Trophy Points:
    166
    So, we can buy and install SSL certificate but is possible to assign only for single service with "hostname" as sv1.masterdomain.com .. right ?

    The problem is that the certificate is ok only for hostname so when user access to webmail or cpanel, the browser indicate that domain is different

    :(
     
    #16 webstyler, Sep 18, 2008
  17. h4f

    h4f Well-Known Member

    Joined:
    Jun 5, 2007
    Messages:
    63
    Likes Received:
    0
    Trophy Points:
    156
    When do you expect that it is going to be supported.

    RIPE (European IP Regional Internet Registries) only advised 2 IP's per server or to upgrade to IPv6.

    With 100 customers on one server that want a SSL certificate you have to waste allot of IP's.
     
    #17 h4f, Sep 28, 2008
  18. Curious Too

    Curious Too Well-Known Member

    Joined:
    Aug 31, 2001
    Messages:
    428
    Likes Received:
    1
    Trophy Points:
    318
    cPanel Access Level:
    Root Administrator
    How does cpanel determine which IPs are dedicated? I have customers who have only 1 IP address that's dedicated just to them and one hosting account but they can't install certificates because whm thinks their IP is a shared IP.

     
    #18 Curious Too, Sep 30, 2008
  19. ispro

    ispro Well-Known Member

    Joined:
    Apr 8, 2004
    Messages:
    628
    Likes Received:
    1
    Trophy Points:
    168
    We have strange things there.

    We have one account which got Dedicated IP (it is NOT being used by other services/accounts, it is clearly listed in /var/cpanel/users/USER and /var/cpanel/userdata/USER/DOMAIN) but WHM still bitching:

    Sorry, you must have a dedicated ip to use this feature for the user: assist! If you are intending to install a shared certificate you must use the username "nobody" for security and bandwidth reporting reasons.

    But it is not the case! Account do have dedicated IP! Could be the problem related to the fact we installing certificate for www.DOMAIN (which anyway is the alias for DOMAIN and there are no separate account for www.DOMAIN)?
     
    #19 ispro, Oct 15, 2008
  20. ispro

    ispro Well-Known Member

    Joined:
    Apr 8, 2004
    Messages:
    628
    Likes Received:
    1
    Trophy Points:
    168
    ...we also run Apache on port 81 (0.0.0.0:81 in WHM config) if this is interesting for you.
     
    #20 ispro, Oct 15, 2008
(You must log in or sign up to post here.)
Page 1 of 2
Loading...
Similar Threads - Install Certificate Setup
  1. nedimhx

    SOLVED Auto SSL fails to install certificate

    nedimhx, Mar 13, 2017, in forum: Security
    Replies:
    5
    Views:
    307
    Infopro
    Mar 15, 2017
  2. lhoezee

    SOLVED SSL::install_ssl - Certificate verification failed! UNABLE_TO_VERIFY_LEAF_SIGNATURE

    lhoezee, Feb 26, 2017, in forum: cPanel Developers
    Replies:
    3
    Views:
    608
    Infopro
    Feb 27, 2017
  3. @Parth

    Installing Let's Encrypt SSL Certificate

    @Parth, Nov 12, 2016, in forum: Security
    Replies:
    3
    Views:
    656
    cPanelMichael
    Nov 15, 2016
  4. EneTar

    Run custom script upon successful autossl certificate installation

    EneTar, Nov 12, 2016, in forum: cPanel Developers
    Replies:
    1
    Views:
    430
    cPanelMichael
    Nov 16, 2016
  5. linux-tech

    let's encrypt certificate failed to install

    linux-tech, Oct 24, 2016, in forum: Security
    Replies:
    1
    Views:
    444
    cPanelMichael
    Oct 27, 2016

Share This Page