SOLVED SSL Certificate on a Shared IP

L

LuisPatinoO

Registered
Dec 11, 2016
2
0
1
Mexico
cPanel Access Level
Root Administrator
cPanelTristan said:
Hello,

The issue here is that a shared IP is shared by all domains on the machine. You can install the SSL onto the user nobody and still use an individual domain, but any user going to https://anotherdomain.com will pull up the site of the user's domain that has the SSL. So, basically, here is what happens:

1. You install the certificate for thisdomain.com on the shared IP as the user nobody
2. All sites are on that IP, so anyone hitting https (which is on port 443) will pull up https://thisdomain.com site content even when using https://anothersite.com (they will show their domain in a browser but the content of the https://thisdomain.com site)

You cannot share an IP and still have the SSL only work on one domain name. Everyone is going to be able to see that other site on https. You have to have a dedicated IP for only that user to show https:// for their domain name.

Most hosts will let you purchase an additional IP, and any host running Apache is going to have this same issue with a shared IP showing the content for the one domain for all other sites when loading https in a browser.

Now, if you do not care if other sites load the one domain and only care if the one domain works for https, you would need to take one further step to get it working on the shared IP. In root SSH after installing as the user nobody, you'd need to do the following:

Code: 
cp /var/cpanel/userdata/nobody/thisdomain.com_SSL /var/cpanel/userdata/username/thisdomain.com_SSL
Replace thisdomain.com with the domain name and username with the cPanel username of the account. At that point, you'd then open up the file at /var/cpanel/userdata/username/thisdomain.com_SSL after backing it up:

Code: 
cp /var/cpanel/userdata/username/thisdomain.com_SSL /var/cpanel/userdata/username/thisdomain.com_SSL.bak
vi /var/cpanel/userdata/username/thisdomain.com_SSL
Then edit the following lines (these are taken out of order as there are other lines that I am not showing which do not need to be edited):

Code: 
documentroot: /home/username/public_html/
group: username
homedir: /home/username
user: username
As previously, replace username with the cPanel username.

To replace the httpd.conf (Apache configuration) file with the new content, then you'd run these commands to backup httpd.conf, rebuild it and restart it:

Code: 
cp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.bak110125
/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd
Thanks.
Click to expand...


Hi.
In new WHM 6.0, i not see this option "user", how can i do this?
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,227
463
LuisPatinoO said:
Hi.
In new WHM 6.0, i not see this option "user", how can i do this?
Click to expand...
Hello,

The thread you responded to is from 2011, so the instructions may no longer be applicable. I've moved this post to a new thread.

Could you explain the specific issue you are facing so we can provide you with the best solution?

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
B Shared SSL certificate Security 11
I SSL Certificates And Shared IP Security 1
R SSL Certificate Shared Secret Passphrase Lost Security 1
B Shared SSL Certificate URL Installed on my Website Security 5
E Account Copied from a Dedicated IP to a Shared IP and SSL Certificate Issues Security 5
Similar threads
Shared SSL certificate
SSL Certificates And Shared IP
SSL Certificate Shared Secret Passphrase Lost
Shared SSL Certificate URL Installed on my Website
Account Copied from a Dedicated IP to a Shared IP and SSL Certificate Issues
Top Bottom