Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SSL certifficate conflict - all https domains redirected to primary https domain

Discussion in 'Security' started by postcd, Sep 16, 2014.

  1. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    694
    Likes Received:
    15
    Trophy Points:
    68
    Hello,

    an WHM server with on IP. Three SSL certifficates are installed. THey are visible in "Home »SSL/TLS »Manage SSL Hosts" and one is probably set as "Primary" and this domain certifficate is used for all https:// acros the server.

    It means all domains that do not have https:// and someone use https:// they are redirected tot hat primary certifficate domain, which is unwanted.

    Please how to fix this issue disabling this redirect? Thank You
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    This is the intended behavior. You will need to make a different installed certificate the primary certificate via the "Make Primary" action under the "Manage SSL Hosts" option in WHM if you want a different certificate to appear for Virtual Hosts without a certificate installed.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    694
    Likes Received:
    15
    Trophy Points:
    68
    Thanks, but You probably did not read properly what i need, i dont need different domain to appear, i want https just dont work, dont redirect to other domain..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Right, that is not possible unless you move all of your accounts with SSL to their own private IP addresses.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    694
    Likes Received:
    15
    Trophy Points:
    68
    why it is made to behave like this

    some non-ssl domain redirecting to another when accesswed by https?

    sounds to me like a wrong behavior, can this be programmed proper way without redirecting all non ssl domains to main ssl domain?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    It's because you have installed a SSL certificate on a shared IP address. Thus, a VirtualHost for port 443 exists for that IP address. This is how Apache works, as opposed to a special functionality that cPanel instituted.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    postcd likes this.
  7. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    694
    Likes Received:
    15
    Trophy Points:
    68
    Thank for explanation, so there is no way to make apache not redirect all domains to primary SSL domain? Or any way to not make any Primary SSL, i mean i think it redirects to domain which has primary SSL, so to not maky any domain SSL primary? :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    You could install a self-signed certificate on each domain name on that IP address, move accounts with SSL certificates to their own IP address, or make a different SSL host the primary certificate for the IP address.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    694
    Likes Received:
    15
    Trophy Points:
    68
    Thanks for advice, i see, for one domain new self signed certifficate can be generated from "WHM / SSL/TLS" section
    (Google: WHM how to generate self signed certiffficate)
    that fixed the redirection problem for that one domain

    but there is too much domans (200+) to do this manually, some bulk self signed certifficate generator for all non ssl domains probably dont exist..

    > make a different SSL host the primary certificate
    can be good to be some domain or URL that tells visitor that there is no site at https:// or the domain/site which redirects (using .htaccess) visitor back from where he came, only to HTTP://

     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. Sikes

    Sikes Registered

    Joined:
    May 5, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Just make a domain/subdomain with self-signed sertificate, make it primary and redirect to $_SERVER['HTTP_HOST'] in index.php. Or better with .htaccess:

    RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
     
  11. tienngang

    tienngang Member

    Joined:
    Nov 20, 2014
    Messages:
    5
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    In hosting of Primary domain, add following below:

    RewriteCond %{HTTPS} =on
    RewriteCond %{HTTP_HOST} !^primarydomain.com
    RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [NC,R=301,L]

    Done! Good luck.
     
    postcd and Duplika like this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice