SSL Certificate on Add-on Domain

thewebhosting

Well-Known Member
May 9, 2008
1,201
1
68
Hello,

I have hosted a site and as an add-on I have added 2 sites on that main domain. I have already assigned dedicated IP address and installed SSL Certificate on main domain. Now, I need to install SSL Certificate on add-on domain which requires dedicated IP address. How can I assign dedicated IP address to that add-on domain to install the SSL Certificate?
 

Techstar

Member
Feb 20, 2010
19
0
51
Kochi, India.
Since the main domain already has a dedicated IP, I think the add-on domains created on that domain will be counted as using the dedicated IP (because they are not separate accounts). There shouldn't be any issues installing the SSL cert on those two add-on domains. Or are you getting any error messages while trying to install them??
 

madaboutlinux

Well-Known Member
Jan 24, 2005
1,051
2
168
Earth
Hello,

I have hosted a site and as an add-on I have added 2 sites on that main domain. I have already assigned dedicated IP address and installed SSL Certificate on main domain. Now, I need to install SSL Certificate on add-on domain which requires dedicated IP address. How can I assign dedicated IP address to that add-on domain to install the SSL Certificate?
There is no option to assign a dedicated IP to an add-on domain from WHM/cPanel. You have to assign the IP manually to the add-on domain via SSH. The two files you need to edit are

/usr/local/apache/conf/httpd.conf
change the IP in the VirtualHost entry of the domain and restart the httpd service

/var/named/domainname.tld.db
change all the records from old IP to the new IP and restart the named service.

Once you are done with it, you can install a separate SSL for the add-on domain in a normal way from WHM >> SSL section.
 

hostingtech

Member
Feb 4, 2010
21
0
51
Following are the steps you need to do :

Aapache
--------

Edit the file /var/cpanel/useradata/username/subdomain.maindoman.com

Update > ip: 1.2.3.4 entry to required IP

and then run : /usr/local/cpanel/bin/build_apache_conf

Its not recommended to edit the apache configuration directly, so you need to edit the related file as explained above and then rebuild apache conf.

DNS Change
-----------

Edit DNS zone file for maindomain.com and update the A record IP for the related subdomain and save

Then edit the DNS zone file for the addondomain.com and then update the IP A records to required IP and save.


And you are done, after this you can install SSL cert like normal from WHM.
 

cPanelDon

cPanel Quality Assurance Analyst
Staff member
Nov 5, 2008
2,545
12
268
Houston, Texas, U.S.A.
cPanel Access Level
DataCenter Provider
Twitter
I have hosted a site and as an add-on I have added 2 sites on that main domain. I have already assigned dedicated IP address and installed SSL Certificate on main domain. Now, I need to install SSL Certificate on add-on domain which requires dedicated IP address. How can I assign dedicated IP address to that add-on domain to install the SSL Certificate?
To properly configure the SSL virtual host and be able to manage the SSL certificate installation for the domain it will be necessary to remove it from the existing account and setup a new cPanel account for the domain name involved. Once the domain has its own cPanel account then it can be assigned a dedicated IP address via WHM and have an SSL virtual host installed.

Here are the basic steps involved:
1.) Fully remove the add-on domain using cPanel:
cPanel: Main >> Domains >> Addon Domains
2.) Create a new account via WHM for the domain that was just removed:
WHM: Main >> Account Functions >> Create a New Account
3.) Ensure the new account is assigned a dedicated IP address:
WHM: Main >> IP Functions >> Change Site's IP Address
4.) Ensure the SSL certificate is installed with an active SSL virtual host:
WHM: Main >> SSL/TLS >> Install a SSL Certificate and Setup the Domain
 

harikaram

Member
Feb 2, 2009
7
0
51
To properly configure the SSL virtual host and be able to manage the SSL certificate installation for the domain it will be necessary to remove it from the existing account and setup a new cPanel account for the domain name involved. Once the domain has its own cPanel account then it can be assigned a dedicated IP address via WHM and have an SSL virtual host installed.
Can it not be done within the same account somehow by giving it Reseller Privileges? If not then why can WHM allocate multiple IPs to be used by a reseller account?
 

cPanelDon

cPanel Quality Assurance Analyst
Staff member
Nov 5, 2008
2,545
12
268
Houston, Texas, U.S.A.
cPanel Access Level
DataCenter Provider
Twitter
Can it not be done within the same account somehow by giving it Reseller Privileges?
Reseller privileges can be used to allow a reseller to create a new account and or access other areas of WHM.

If not then why can WHM allocate multiple IPs to be used by a reseller account?
The allocation of IP addresses is for use when creating a new account as a reseller.

Or what about the (new?) "Simple DNS Zone Editor" feature?
The Simple DNS Zone Editor allows for DNS zone modification; however, it is not a method to install an SSL certificate. You will need to fully remove the add-on domain and then also have access to WHM to create a new cPanel account for the domain name that needs SSL.
 

tommyz

Member
Nov 11, 2010
5
0
51
You will need to fully remove the add-on domain and then also have access to WHM to create a new cPanel account for the domain name that needs SSL.
Hi

My only problem with this method is that the account and the add-on account share a database. If I create a new account for the add-on domain in order to use a dedicated ip/ssl certificate with it, it will not be able to access the database of the account on which it is currently added.

Is there a way to allow two accounts to share a mysql db?

hope this makes sense,

-tom
 

ez2ask

Registered
Nov 22, 2010
3
0
51
alright never mind my previous post, i figured out that the step I was missing was changing the IP in the dns zone.

this guide explains exactly how to add SSL to add-on domain:
Assigning Dedicated IPs to Subdomains

-tom
Hi,

I have the same issue as mentioned by this post. I have a main domain has already installed SSL and Dedicated IP, now I added an addon domain under this main domain, and files located at the subdirectory under the root.

My question:
- According to the article that refer above, do I need to purchase another SSL cert for the addon domain and then install to the addon domain? Or, my current SSL should work fine for addon domain, but need to do the steps from the refer page?

Thank you very much.
 

tommyz

Member
Nov 11, 2010
5
0
51
hi

according to my understanding, each domain requires a unique ssl and dedicated ip address.

So you will need to assign an ip address to the add-on domain, generate a ssl certificate for it. and then make the changes as in this article (don't forget the A record in the dns manager).

you might want to double check on it,

hope this helps

tom
 

ez2ask

Registered
Nov 22, 2010
3
0
51
hi

according to my understanding, each domain requires a unique ssl and dedicated ip address.

So you will need to assign an ip address to the add-on domain, generate a ssl certificate for it. and then make the changes as in this article (don't forget the A record in the dns manager).

you might want to double check on it,

hope this helps

tom
Hi, Tom:

Thanks your quick respond!

Ok, forgive me, I have a little bit confuse here....
- for "need to assign an ip address to the add-on domain": does this mean I need to purchase another SSL cert from my hosting company or not necessary?

- for "assign an ip address to the add-on domain, generate a ssl certificate for it": so does this mean after I "assign" an different ip address to the add-on, then generate the SSL cert, correct?

I felt very confusing here, because my hosting company ask me to purchase different SSL cert for my add-on domain. But, after I read the article link that you provide, I don't think I need to purchase another one. So, please clarify me, if I misunderstood.

I would like to know if I need to purchase another (different) SSL cert or not for add-on domain, then I will be able to know what should I do next.

Anyway, thank you very much for such quick and great help from you and I really appreciate it.
 

tommyz

Member
Nov 11, 2010
5
0
51
my situation was as follows:

The cpanel account had domain A assigned to it. I then added domain B as an add-on domain.

I needed a SSL certificate for domain B, while I did not have/need one for Domain A.

So the solution I was looking for was to add the SSL certificate to the add-on domain, without having to put it on a new cpanel account.

So I followed that article as I assigned a dedicated IP for the add-on domain, made the DNS A record change, and generated the certificate for domain B.

if I am understanding your situation correctly, you currently have an SSL certificate for the main domain, and now you want to add SSL to an addon domain. In this case, your hosting is correct and you will need to buy another SSL for that domain and also an additional dedicated IP to assign to that domain.

-tom
 

ez2ask

Registered
Nov 22, 2010
3
0
51
my situation was as follows:

The cpanel account had domain A assigned to it. I then added domain B as an add-on domain.

I needed a SSL certificate for domain B, while I did not have/need one for Domain A.

So the solution I was looking for was to add the SSL certificate to the add-on domain, without having to put it on a new cpanel account.

So I followed that article as I assigned a dedicated IP for the add-on domain, made the DNS A record change, and generated the certificate for domain B.

if I am understanding your situation correctly, you currently have an SSL certificate for the main domain, and now you want to add SSL to an addon domain. In this case, your hosting is correct and you will need to buy another SSL for that domain and also an additional dedicated IP to assign to that domain.

-tom
Hi, Tom:

Ok, got it!

So, I do need two SSL certs and two IPs, one for main domain and the other for add-on domain, right?!

Thank you very much for your help and really really appreciate it.
 

tommyz

Member
Nov 11, 2010
5
0
51
Unless a shared SSL solution by your host will be sufficient, but those normally result in a warning message for the client. For e-commerce always go with a private certificate.

Glad I could help

-tom