Point subdomain to port on localhost with TLS/SSL?

[kartikynwa]

Hello. I am on a Godaddy VPS with cPanel and WHM. The server is running Metabase at port 3000, and I am trying to get the server to serve it at https://metabase.domain.tld.

So far I have managed to get it to work without TLS/SSL, so I can access http://metabase.domain.tld perfectly. For this I have followed these steps:

1. Add the subdomain on Godaddy under the "Domain Management" option.
2. Install `mod_proxy` from EasyApache in WHM.
3. From WHM, under "Apache Configuration", edit the pre virtualhost global file and add the following content:

<VirtualHost public_ip:443>
  ServerName metabase.domain.tld

  ProxyRequests Off
  <Proxy *>
    Order deny,allow
    Allow from all
  </Proxy>

  ProxyPass / http://localhost:3000/
  ProxyPassReverse / http://localhost:3000/
  <Location />
    Order allow,deny
    Allow from all
  </Location>
</VirtualHost>

4. SSH into the server and run the following scripts to rebuild the httpd.conf and then restart httpd:

$ /usr/local/cpanel/scripts/rebuildhttpdconf
$ /usr/local/cpanel/scripts/restartsrv_httpd

The problem is that I don't know how to incorporate the required certificate files in this setup. The SSL certificates are managed by cPanel and in httpd.conf they are sourced from /var/cpanel/ssl/apache_tls/sub.domain.tld/combined. This is how it is for the subdomains I have created from cPanel which point to different document roots inside the public_http folder. But I don't know how I would go about generating certificates for metabase.domain.tld since I haven't added it form cPanel.

I hope I have given enough information. I am a bit clueless about TLS/SSL so any input is highly appreciated. Thanks very much for reading this.

 

[cPanelLauren]

What I believe you want to modify instead is the VirtualHost include not the previrtualhost include - the documentation here should be helpful Modify Apache Virtual Hosts with Include Files | cPanel & WHM Documentation

 

[kartikynwa]

What I believe you want to modify instead is the VirtualHost include not the previrtualhost include - the documentation here should be helpful Modify Apache Virtual Hosts with Include Files | cPanel & WHM Documentation

Hi, Lauren.

Thanks a lot for replying. I came across into this documentation while searching around but I was a bit confused probably because of my inexperience.

The problem I ran into was that to add /etc/apache2/conf.d/userdata/ssl/2_4/user/domain/includename.conf to a virtual host, I would have to create a subdomain from cPanel's "Subdomain" menu which requires me to set a DocumentRoot, something I don't want to do since all I want to do is set up a proxy/reverse-proxy to localhost:3000. So I didn't know how to proceed with this.

Any advice in this regard?

Again, thanks very much for replying. Really appreciate it.

 

[kartikynwa]

What I believe you want to modify instead is the VirtualHost include not the previrtualhost include - the documentation here should be helpful Modify Apache Virtual Hosts with Include Files | cPanel & WHM Documentation

Hi again, Lauren.

I figured it out thanks to your help. I will leave the instructions here for posterity.

1. Register new subdomain with your hosting provider
2. Create said new subdomain on cPanel's "Subdomain" section. The document root can be anything. I chose the subdomain `metabase.domain.tld` and I put a placeholder page at `/home/cpanel_user/public_html/index.html`. But I did run into problems when I chose the domain name to be `/public_html` and had to delete and create the domain again.
3. If you are using AutoSSL and WHM, you can go WHM > "Manage AutoSSL" > Run checks to generate certificates for your new subdomain,
4. Follow the instructions of this post to set up a proxy/reverse-proxy.

Thanks again.

 

[kartikynwa]

A correction because I don't know how to edit posts. I put a placeholder page at `/home/cpanel_user/public_html/metabase/index.html` not `/home/cpanel_user/public_html/metabase/index.html` as mentioned in the previous post.

 

[cPanelLauren]

I'm really glad you were able to find the resolution for that! Thank you for updating the thread here as well.