I've been trying for some time to figure out all this DNS, nameserver and IP stuff, and I think I did, for the most part, but now I've come to install an SSL certificate and I'm just stuck. I have a VPS with 2 IPs, the 1.1.1.1 is set to NS1 and 2.2.2.2 is set to be NS2 (I also use some secondary NS, but I don't think this is relevant here)
I've started with the hostname "host.domain.com". The Basic Config is set to use the IP 1.1.1.1 as main, and this is also the main VPS IP that I use to log in to WHM. Then I added a second IP, and I've set up NS1 to be 1.1.1.1 and NS2 is using the IP 2.2.2.2
At the moment I have just 2 DNS zones - host.domain.com (with A record host.domain.com pointing to 1.1.1.1) and domain.com (A record points to 1.1.1.1, and the zone also contains an A record for "host" set to 1.1.1.1), so, they both use the same settings (nameservers NS1 and NS2, and their main IP is 1.1.1.1)
I plan to use the second IP 2.2.2.2 for the other sites that I want to create.
Since I'm sick of getting the "Untrusted connection" message in my browser and Thunderbird/Outlook, I purchased a cheap, Positive SSL certificate for host.domain.com, generated CSR and installed it.
Now, in the Manage SSL Hosts i see the installed SSL host "host.domain.com" with the IP 1.1.1.1 and owner nobody. As per some tips that I've found, I made this certificate be shared.
And that's as far as I've come...
If I try to open either https://domain.com:2083, https://1.1.1.1:2083 or https://host.domain.com:2087 I still get "Untrusted connection", and Thunderbird is also giving me Unknown Identity for the Certificate Status...
Can somebody, please, walk me through setting this up?
- Should I move the domain.com to the other IP 2.2.2.2, so that host.domain.com remains the only one using the IP 1.1.1.1?
- Should I change the IP in Basic Config to 2.2.2.2, and make this the main shared IP for setting up new accounts, but leave the DNS zone A record for host.domain com point to 1.1.1.1?
- Would it be easier to set up if I make the domain.com a reseller and assign it to use the 2.2.2.2 as the reseller shared IP. Should I then also change the site IP for domain.com to be 2.2.2.2 or not?
- I assume I don't need a third IP to make this all work?
Thank's in advance for any help
I've started with the hostname "host.domain.com". The Basic Config is set to use the IP 1.1.1.1 as main, and this is also the main VPS IP that I use to log in to WHM. Then I added a second IP, and I've set up NS1 to be 1.1.1.1 and NS2 is using the IP 2.2.2.2
At the moment I have just 2 DNS zones - host.domain.com (with A record host.domain.com pointing to 1.1.1.1) and domain.com (A record points to 1.1.1.1, and the zone also contains an A record for "host" set to 1.1.1.1), so, they both use the same settings (nameservers NS1 and NS2, and their main IP is 1.1.1.1)
I plan to use the second IP 2.2.2.2 for the other sites that I want to create.
Since I'm sick of getting the "Untrusted connection" message in my browser and Thunderbird/Outlook, I purchased a cheap, Positive SSL certificate for host.domain.com, generated CSR and installed it.
Now, in the Manage SSL Hosts i see the installed SSL host "host.domain.com" with the IP 1.1.1.1 and owner nobody. As per some tips that I've found, I made this certificate be shared.
And that's as far as I've come...
If I try to open either https://domain.com:2083, https://1.1.1.1:2083 or https://host.domain.com:2087 I still get "Untrusted connection", and Thunderbird is also giving me Unknown Identity for the Certificate Status...
Can somebody, please, walk me through setting this up?
- Should I move the domain.com to the other IP 2.2.2.2, so that host.domain.com remains the only one using the IP 1.1.1.1?
- Should I change the IP in Basic Config to 2.2.2.2, and make this the main shared IP for setting up new accounts, but leave the DNS zone A record for host.domain com point to 1.1.1.1?
- Would it be easier to set up if I make the domain.com a reseller and assign it to use the 2.2.2.2 as the reseller shared IP. Should I then also change the site IP for domain.com to be 2.2.2.2 or not?
- I assume I don't need a third IP to make this all work?
Thank's in advance for any help