The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Single SSL certificate, multiple services + Apache

Discussion in 'Security' started by binarytree, Jun 6, 2012.

  1. binarytree

    binarytree Registered

    Joined:
    Jun 6, 2012
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    Done quite a few searches about this, but I do need a confirmation from an expert (Where are thou Tristan?) about a few questions I have:

    A) On the "Manage Service SSL Certificates" page: can I install a single purchased certificate, issued for my hostname (host.mydomain.com), on all and every services (Exim, Dovecot, etc.) AND as a shared SSL certificate (which covers SSL for Apache only I gather)?

    B) On the "Install a SSL Certificate and Setup the Domain" page: for the Apache shared SSL certificate, do I set the user to "nobody"?

    C) Does the third textarea of the page listed in point B) with the "Paste the ca bundle here (optional)" caption needs to be filled with the Intermediate CA Certificate (I bought a positiveSSL certificate from Comodo)?

    D) Is there any other specific steps outside of these two pages that I should consider to accomplish my goal of eliminating all warnings for my system as a whole?

    E) When the certificate renewal comes, what is the least painful way to accomplish it (link welcomed)?

    I will consider any human answering these questions as a personal friend to the death or until my server crashes and burns, whichever comes first.

    Thanks :)
     
  2. MilesWeb

    MilesWeb Well-Known Member
    PartnerNOC

    Joined:
    May 23, 2012
    Messages:
    174
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    @binarytree I have answered your questions below. Hope it helps.

    A) On the "Manage Service SSL Certificates" page: can I install a single purchased certificate, issued for my hostname (host.mydomain.com), on all and every services (Exim, Dovecot, etc.) AND as a shared SSL certificate (which covers SSL for Apache only I gather)?

    Yes, if you issue SSL on server hostname, you can install the same SSL certificate on all the services & will work as shares SSL.

    B) On the "Install a SSL Certificate and Setup the Domain" page: for the Apache shared SSL certificate, do I set the user to "nobody"?

    Yes, when installing SSL on server hostname (shared), use username as nobody.

    C) Does the third textarea of the page listed in point B) with the "Paste the ca bundle here (optional)" caption needs to be filled with the Intermediate CA Certificate (I bought a positiveSSL certificate from Comodo)?

    Yes, you need to paste the Intermediate CA in CA Bundle caption.

    D) Is there any other specific steps outside of these two pages that I should consider to accomplish my goal of eliminating all warnings for my system as a whole?

    To install a SSL on hostname, there is nothing you need other than this.

    E) When the certificate renewal comes, what is the least painful way to accomplish it (link welcomed)?

    Contact your SSL provider the time SSL is renewed. You can use the current CSR to issue a new one OR create a new one as well. Depends how you want it to.
     
  3. binarytree

    binarytree Registered

    Joined:
    Jun 6, 2012
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thanks @milesgeek, much appreciated!
     
  4. MilesWeb

    MilesWeb Well-Known Member
    PartnerNOC

    Joined:
    May 23, 2012
    Messages:
    174
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Most welcome ! Cheers
     
Loading...

Share This Page