The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL and Sub-domains Revisited

Discussion in 'General Discussion' started by osfdeath, Jan 29, 2004.

  1. osfdeath

    osfdeath Well-Known Member

    Joined:
    Aug 29, 2003
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    I've searched the board hi and low and just cannot figure it out....

    Just purchased an SSL Certificate to put on a subdomain on my server. A records and subdomains and and and ;)

    My domain name is domain.com
    My subdomain is secure.domain.com (created in cpanel)
    I used the IP 123.456.789.5 for the security certificate.
    I used WHM "Add a DNS Zone" to point the IP 123.456.789.5 to secure.domain.com

    To check if the certificate was installed, I went into my WHM at https://123.456.789.0:2087 - succuess!
    It gave me a popup security alert about the name on the security certificate (but that's because the certificate is for "secure.domain.com" right!)

    When I go to https://123.456.789.5 - success!
    It goes to the index.html i placed into http://domain.com/secure/index.html
    (again with the security alert popup - same reason)

    When I go to https://secure.domain.com - "Page cannot be displayed"

    When I go to http://secure.domain.com - a cPanel "There is no website configured at this address."
    (Ok so I originally added secure.domain.com in my WHM as an account - but it was removed yesterday so shouldn't still be there should it?!?)

    Under WHM - Edit a DNS Zone - secure.domain.com
    Code:
    Domain***********TTL**RecordType***
    secure.domain.com. 14000 NS ns1.domain.com
    secure.domain.com. 14000 NS ns2.domain.com
    secure.domain.com. 14000 A  123.456.789.5 --->(MY cert IP)
    localhost.secure.domain.com. 14000 A 127.0.0.1
    secure.domain.com. 14000 0 secure.domain.com.
    ....then it lists mail, www and ftp as cnames all point to secure.domain.com.
    
    ..and under "Edit an MX Entry" there is a listing for secure.domain.com which points to secure.domain.com

    In cPanel - Subdomains - secure.domain.com - there is no forward listed.

    Does this all look right and what am I missing to make this work?
     
  2. anm

    anm Member

    Joined:
    Apr 22, 2002
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    I just had this problem this week with a comodo cert and was coming here to post what I did for the next guy.

    I beat my head against the wall for awhile. Eventually this is what I did:

    1. Delete the subdomain secure.domain.com
    2. MANUALLY set the sub-domain up in the sites cpanel.
    3. When the subdomain dns resolves, then reinstall the cert.

    In my case it worked.

    Somehow when WHM creates the subdomain for the cert it doesn't work, or at least didn't for me. what was bizarre was all the httpd.conf entries looked ok, as did the zone file.
     
  3. osfdeath

    osfdeath Well-Known Member

    Joined:
    Aug 29, 2003
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    I did manually create the subdomain before installing the certificate - but I'll give that a shot :)
     
  4. osfdeath

    osfdeath Well-Known Member

    Joined:
    Aug 29, 2003
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    Woot - was a matter of waiting for the DNS to resolve
    grrrrr i'm so impatient sometimes

    Still, I was thinking it may be useful to see a copy of a working httpd.conf with SSL entry



    Anyone care to paste an entry here?
     
  5. easyhoster1

    easyhoster1 Well-Known Member

    Joined:
    Sep 25, 2003
    Messages:
    659
    Likes Received:
    0
    Trophy Points:
    16
    Here you go, watch for word wrap on Customlog;

    <IfDefine SSL>
    <VirtualHost xx.xx.xxx.xx:443> <<< add IP address here.
    ServerAdmin user@domain.com
    DocumentRoot /home/usrname/public_html
    <IfModule mod_userdir.c>
    UserDir disabled
    UserDir enabled usrname
    </IfModule>
    User username
    Group username
    ServerName www.domain.com
    ScriptAlias /cgi-bin/ /home/username/public_html/cgi-bin/
    CustomLog /usr/local/apache/domlogs/domain.com-ssl_log "%t %{version}c %{cipher}c %{clientcert}c"
    User username
    Group username
    SSLEnable
    SSLCertificateFile /usr/share/ssl/certs/www.domain.com.crt
    SSLCertificateKeyFile /usr/share/ssl/private/www.domain.com.key
    SSLCACertificateFile /usr/share/ssl/certs/www.domain.com.cabundle
    SSLLogFile /var/log/www.domain.com
    UserDir public_html
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    </VirtualHost>
    </IfDefine>
     
  6. osfdeath

    osfdeath Well-Known Member

    Joined:
    Aug 29, 2003
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    Awesome - thanks

    That'll be helpful for someone for referencing :)
    Guess I did mine right - even if not, it works ;)
     
Loading...

Share This Page