The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL certifficate conflict - all https domains redirected to primary https domain

Discussion in 'Security' started by postcd, Sep 16, 2014.

  1. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    621
    Likes Received:
    6
    Trophy Points:
    18
    Hello,

    an WHM server with on IP. Three SSL certifficates are installed. THey are visible in "Home »SSL/TLS »Manage SSL Hosts" and one is probably set as "Primary" and this domain certifficate is used for all https:// acros the server.

    It means all domains that do not have https:// and someone use https:// they are redirected tot hat primary certifficate domain, which is unwanted.

    Please how to fix this issue disabling this redirect? Thank You
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    This is the intended behavior. You will need to make a different installed certificate the primary certificate via the "Make Primary" action under the "Manage SSL Hosts" option in WHM if you want a different certificate to appear for Virtual Hosts without a certificate installed.

    Thank you.
     
  3. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    621
    Likes Received:
    6
    Trophy Points:
    18
    Thanks, but You probably did not read properly what i need, i dont need different domain to appear, i want https just dont work, dont redirect to other domain..
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Right, that is not possible unless you move all of your accounts with SSL to their own private IP addresses.

    Thank you.
     
  5. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    621
    Likes Received:
    6
    Trophy Points:
    18
    why it is made to behave like this

    some non-ssl domain redirecting to another when accesswed by https?

    sounds to me like a wrong behavior, can this be programmed proper way without redirecting all non ssl domains to main ssl domain?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It's because you have installed a SSL certificate on a shared IP address. Thus, a VirtualHost for port 443 exists for that IP address. This is how Apache works, as opposed to a special functionality that cPanel instituted.

    Thank you.
     
    postcd likes this.
  7. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    621
    Likes Received:
    6
    Trophy Points:
    18
    Thank for explanation, so there is no way to make apache not redirect all domains to primary SSL domain? Or any way to not make any Primary SSL, i mean i think it redirects to domain which has primary SSL, so to not maky any domain SSL primary? :D
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You could install a self-signed certificate on each domain name on that IP address, move accounts with SSL certificates to their own IP address, or make a different SSL host the primary certificate for the IP address.

    Thank you.
     
  9. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    621
    Likes Received:
    6
    Trophy Points:
    18
    Thanks for advice, i see, for one domain new self signed certifficate can be generated from "WHM / SSL/TLS" section
    (Google: WHM how to generate self signed certiffficate)
    that fixed the redirection problem for that one domain

    but there is too much domans (200+) to do this manually, some bulk self signed certifficate generator for all non ssl domains probably dont exist..

    > make a different SSL host the primary certificate
    can be good to be some domain or URL that tells visitor that there is no site at https:// or the domain/site which redirects (using .htaccess) visitor back from where he came, only to HTTP://

     
  10. Sikes

    Sikes Registered

    Joined:
    May 5, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Just make a domain/subdomain with self-signed sertificate, make it primary and redirect to $_SERVER['HTTP_HOST'] in index.php. Or better with .htaccess:

    RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
     
  11. tienngang

    tienngang Member

    Joined:
    Nov 20, 2014
    Messages:
    5
    Likes Received:
    2
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    In hosting of Primary domain, add following below:

    RewriteCond %{HTTPS} =on
    RewriteCond %{HTTP_HOST} !^primarydomain.com
    RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [NC,R=301,L]

    Done! Good luck.
     
    postcd and Duplika like this.
Loading...

Share This Page