SSL certificate for SFTP connections on all hosted accounts

trucmuche · Jan 16, 2016

Hello,

I got a free SSL certificate from StartCom and installed it in WHM. It works for getting HTTPS to work for administration (https://www.mydomain.com:2087 and https://www.mydomain.com:2083). But it shows a warning message about incorrect hostname when I try to access https://www.hosteddomain.com:2083 (hosteddomain.com is a client's domain hosted by my vps). Same thing when I try to access FTPS to ftp.hosteddomain.com of course : the certificate does not match the domain name and a warning appears.

I understand the problem, but I wonder if there is a way to get this working "normally" (without paying an expensive certificate). I think that there is no solution (but getting and installing a SSL certificate separately for each hosted domain) but... maybe something I ?

Could you advise me ?

Best regards,

Trucmuche

Infopro · Jan 16, 2016

At this location:
WHM »Server Configuration »Tweak Settings, Redirection tab
Are some settings you might find useful.

trucmuche · Mar 12, 2016

Hmmm. Well... I don't understand, for sure... The actual settings are :

Always redirect to SSL : OFF
Non-SSL redirect destination : Origin Domain Name (this setting doesn't matter for my problem, right ?)
SSL redirect destination : SSL Certificate Name (this seems correct, isn't it ???)
Logout redirection URL : No redirection. (I don't care about logout, here)

And these settings does not apply to FTPS, I think...

So ? What's the solution you're thinking about, @Infopro ?

kdean · Mar 14, 2016

As you saw, a regular SSL certificate for you server hostname will not work when using the other domains hosted on the server.

If you always want them to connect securely, you can redirect them to your hostname by setting "Always redirect to SSL" to On.

Clients can use an http connection to go to domain.com/cpanel and domain.com/webmail and it will redirect to the https connection for your hostname and port of the service.

If you still want to allow both secure and non-secure connections then you would set:

Always redirect to SSL: Off
Non-SSL redirect destination: (can be hostname or origin domain Name)
SSL redirect destination: Hostname (since that is the certificate installed)

cPanelMichael · Mar 14, 2016

Hello

In addition to the previous response, you can find documentation on this at:

Tweak Settings - Redirection - Documentation - cPanel Documentation

You may also want to vote for the following feature request:

SSL certificate per domain on all services

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
	service generated warnings while checking SSL certificates	Security	3	Feb 28, 2023
M	SSL certificate for mail server only (A record is pointed elsewhere)	Security	5	Feb 22, 2023
P	Certificate for a delegated subdomain (AutoSSL + Let's Encrypt).	Security	2	Feb 16, 2023
O	SSL - cPanel says Host SSL expires in 10 days, but Manage Certificates says all is well	Security	1	Jan 28, 2023
W	problem with certificate parent cpanel - run autossl no work	Security	3	Jan 12, 2023

Search

Search

SSL certificate for SFTP connections on all hosted accounts

trucmuche

Well-Known Member

Infopro

Well-Known Member

trucmuche

Well-Known Member

kdean

Well-Known Member

cPanelMichael

Administrator