Shared SSL Cert Enabled - Setting Location?

garingas

Member
Jan 12, 2004
19
0
151
Hello,
I have real certs for my servers and one of my clients wants to be able to put up some files in a password protected folder that someone can pull down SSL. He doesn't need a cert.

I read in the past that you can use:
https://hostname.provider.com/~username/
...and that it would use the host certificate.

Unfortunately, it doesn't work.

I thought that I had seen a setting in WHM to enable shared use of the cert but for the life of me I cannot find it anywhere in the various config options.

Anyone know where it is?

Thanks!
 

garingas

Member
Jan 12, 2004
19
0
151
Close...

I really appreciate the attempt, but no cigar.

We already have "Enable mod_userdir Protection" unchecked to permit username access to domains.

(We can get to the sites using the user level URL as long as it is http instead of https.)

Thanks!
 

vince512

Active Member
Nov 16, 2003
35
0
156
I am having the same issue...has anyone found a way to correct this?

Thanks,

Vince
 

jayh38

Well-Known Member
Mar 3, 2006
1,212
0
166
I thought that I had seen a setting in WHM to enable shared use of the cert but for the life of me I cannot find it anywhere in the various config options.

Anyone know where it is?

Thanks!

whm > SSL/TLS > Manage SSL Hosts
 

gtgeorge

Well-Known Member
Feb 28, 2007
85
0
156
We too have just found that our shared ssl isn't working. Looking at manage ssl hosts our root server cert is no longer listed, but the secure access to webmail, whm and cpanel still work??
 

MaraBlue

Well-Known Member
May 3, 2005
332
2
168
Carmichael, CA
cPanel Access Level
Root Administrator
We too have just found that our shared ssl isn't working. Looking at manage ssl hosts our root server cert is no longer listed, but the secure access to webmail, whm and cpanel still work??
Same here... in version 10 there was a "reset server certificate" option, but I can't find it in v11.
In WHM's SSL/TLS -> Manage SSL Hosts, there was no shared certificate listed, yet HTTPS for cPanel and WHM works. *shrugs*
 
Last edited:

vince512

Active Member
Nov 16, 2003
35
0
156
Does anyone know if the server cert can still be used as the shared cert or was this functionality taken out of cpanel?
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
Does anyone know if the server cert can still be used as the shared cert or was this functionality taken out of cpanel?
Do you mean the following: whenever someone goes to http://theirDomain.com/securecpanel they are connected to cPanel securely without any SSL warnings even if theirDomain.com itself has no SSL certificate?
 

MACscr

Well-Known Member
Sep 30, 2003
198
5
168
cPanel Access Level
Root Administrator
Hello,
I have real certs for my servers and one of my clients wants to be able to put up some files in a password protected folder that someone can pull down SSL. He doesn't need a cert.

I read in the past that you can use:
https://hostname.provider.com/~username/
...and that it would use the host certificate.

Unfortunately, it doesn't work.

I thought that I had seen a setting in WHM to enable shared use of the cert but for the life of me I cannot find it anywhere in the various config options.

Anyone know where it is?

Thanks!
The problem is that if we use hostname/~username/, then of course users bandwidth isnt counted. Is that correct?
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
The problem is that if we use hostname/~username/, then of course users bandwidth isnt counted. Is that correct?
I believe if you use mod_bandwidth you can have the bandwidth for that user (when their website is accessed via ~username) counted. However, I am unfamiliar with the technical details of how to make that happen.
 

MACscr

Well-Known Member
Sep 30, 2003
198
5
168
cPanel Access Level
Root Administrator
I believe if you use mod_bandwidth you can have the bandwidth for that user (when their website is accessed via ~username) counted. However, I am unfamiliar with the technical details of how to make that happen.
It would be nice to know. Dont think its right for cpanel to offer a way to do shared ssl, but then allow that use to circumvent user resource accounting/management.
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
It would be nice to know. Dont think its right for cpanel to offer a way to do shared ssl, but then allow that use to circumvent user resource accounting/management.
You can very easily prevent users from circumventing such measures by going to WHM -> Security -> Security Center -> Apache mod_userdir Tweak and enabling that tweak. You can also make exclusions to that protection now if you desired.
 

MACscr

Well-Known Member
Sep 30, 2003
198
5
168
cPanel Access Level
Root Administrator
You can very easily prevent users from circumventing such measures by going to WHM -> Security -> Security Center -> Apache mod_userdir Tweak and enabling that tweak. You can also make exclusions to that protection now if you desired.
LOL, that only disables the ability to use the username directories and that then of course disables the possibility to use the shared ssl.

cPanel introduced the shared ssl feature. Now i am only asking you to tell me how i can use that feature and still keep bandwidth accounting in play. I cant believe you would introduce a feature that would circumvent such a thing. You already said it could be done with mod_bandwidth. But my question is how? I am not trying to do anything special, just wanting to use one of your features and keep server integrity in mind.
 

vikins

Well-Known Member
Oct 3, 2006
120
1
168
Bump...

I can't believe this is where this thread ended. Finding a reliable shared secure certificate solution is vital. Is there a resource somewhere that has a recipe for solving this?

Thank you