Installing SSL using UAPI

[lnesheim]

I have searched around the internet without finding a solution to my problem, so im trying to get help or a ide on how to solve it. Im developing a PHP solution, that should be hosted on a shared Apache server with Cpanel enabled, and the domain.com have a wildcard SSL domain installed.

I have activated a wildcard (*) subdomain in the cpanel subdomain section, so by enter 123.domain.com, john.domain.com or whatever.domain.com the visitor are directed to www.domain.com where I use some PHP logic to extract the subdomain name, e.g john, whatever or 123.

Then I check into DB if that subdomain exist, if it does correct content is displayed. If it not exist the user is redirected to the normal www page. This works without any problem.

The only issue is that these "subdomains" don't have SSL activated.

As far as I understand I have to generate a SSL certificate during the user signup, now im using Let's EncryptIt for that purpose. This also works without any problem.

So to the main issue, how to install the generated ssl certificate.

Cpanel seems to have some API called UAPI, but I realy can't figure out how to use the API to install the generated SSL from PHP.

Is it even possible to install a SSL certificate on a "subdomain" that don't exist?

Any tip on how to archive this?

 

[cPRex]

Hey there! You mention you are using Let's Encrypt - is that giving you the cert/key files to use for the install? If so, you can dump those strings to this API to perform the installation, once they are URI encoded:

Install SSL certificate

This function installs an SSL certificate.

api.docs.cpanel.net

Can you see if that's what you are looking for? This is a WHMAPI call, so it will need to escalate to root privileges in order to execute.

I'm also going to move this over to the developer section of the forums since it's more about the programming and less about the security tools themselves.