The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SNI and https problems

Discussion in 'Bind / DNS / Nameserver Issues' started by Jheroen, Jan 23, 2016.

  1. Jheroen

    Jheroen Member

    Joined:
    Mar 18, 2008
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Hi all,

    Our servers are configured to let SNI work, we like to have different https certificates on our main server IP adress.
    Problem: one domain has https, other domains who do not have a certificate but try to set https://domain etc getting a wrong certificate error in the browser, the certificate from the https customer does appear as certificate for other non https domains on the same IP.

    We like to know if there is a clear guide which we can use to configure our servers the right way so we can:
    • use multiple certificates on one server IP
    • we don't have problems with wrong certificate names on non https domains
    • use the posibilities SNI gives us
    We use CentOs 6.7 + and recent apache and php versions.

    Who knows the answer?
     
  2. Jheroen

    Jheroen Member

    Joined:
    Mar 18, 2008
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    I maybe found it but have a question, here: Manage SSL Hosts - Documentation - cPanel Documentation

    In the part SNI for Mail Services there is a setting that mentions Is Web SNI Required?
    For the domains that do have a certificate atm this should be enabled but it appears as disabled while on SNI enabled servers this should be active. Maybe the lack of using the right setting here is the couse of the ssl/non ssl problem.

    Question: how do i enable Is Web SNI Required? on a Installed SSL Host? I can't edit any, any help would be welcome :)

    Another setting i found:
    Is Primary Website on IP Address? Says Yes on the installed host but imho it should be no here because it's just one of the domains on this server

    So two options:
    • Is Primary Website on IP Address = Yes (should be no?)
    • Is Web SNI Required? = No (should be yes?)
     
    #2 Jheroen, Jan 23, 2016
    Last edited: Jan 23, 2016
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    This document in particular answers the question:

    SSL FAQ and Troubleshooting - Documentation - cPanel Documentation.

    Thank you.
     
Loading...

Share This Page