The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL for Webmail... revisited

Discussion in 'E-mail Discussions' started by kemis, Feb 18, 2007.

  1. kemis

    kemis Well-Known Member

    Joined:
    Feb 17, 2005
    Messages:
    104
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Georgetown, TX
    I've read every single post I can find about SSL for Webmail. None seem to answer my specific issue:

    - I have a Web site & cPanel account for domain.com
    - My server's hostname happens to be lonestar.domain.com
    - I bought an SSL cert & got it installed successfully for webmail.domain.com

    Problem: Whenever I use "webmail.domain.com" to access /webmail, etc, the cert for webmail doesn't get used... the self-generated one for "lonestar" gets picked up.

    Question 1: Do I now need a second SSL cert specifically for lonestar.domain.com?
    Question 2: Did I ever need one for webmail.domain.com?
    Quesiton 3: Is there anyway to avoid having to purchase another SSL cert & somehow use the one I already have for webmail.domain.com on lonestar.domain.com?

    THANK YOU!
    Matt :D
     
  2. jenlepp

    jenlepp Well-Known Member

    Joined:
    Jul 4, 2005
    Messages:
    116
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Liberty Hill, TX
    cPanel Access Level:
    DataCenter Provider
    Under "Tweak Settings" and "System", so you have When visiting /cpanel or /whm or /webmail with ssl redirect to the servers hostname. ticked?

    As far as SSL, I got tired of the errors and purchased a secure cert for each server name, and ticked this - was the cheapest option and, frankly, IE7 is a bear when it comes to "proper" SSL certs. But that was just me. :)
     
  3. kemis

    kemis Well-Known Member

    Joined:
    Feb 17, 2005
    Messages:
    104
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Georgetown, TX
    No, it's not checked. I've seen that as a solution already & hoped that would be my answer, but it wasn't.

    So, you're saying what I was beginning to think -- I should have bought one for lonestar.domain.com from the get-go.

    I'll give that a shot & report back any issues.

    Matt
     
  4. kemis

    kemis Well-Known Member

    Joined:
    Feb 17, 2005
    Messages:
    104
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Georgetown, TX
    What the heck? I just tried it again one last time before buying an additional SSL & it appears to work fine now. <scratches head>

    The only thing I can think of is that I wound up caching the "bad" cert in both the browsers I was testing at home. (I'm at work now on a fresh system.)

    I'll post back if anything changes, but I guess the moral of the story is to be sure you clear out your SSL certificate cache regularly during testing of this stuff.

    Thanks!
    Matt
     
  5. kemis

    kemis Well-Known Member

    Joined:
    Feb 17, 2005
    Messages:
    104
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Georgetown, TX
    So I bought a new certificate for lonestar & installed it using the "Change Server Certificates" feature in WHM. It installed okay.

    But then I'm having those issues again where, for example, I go to https://lonestar.domain.com & a warning comes up saying that the hostname on the cert doesn't match -- it's pulling the cert for the "webmail" domain I installed even though I've cleared out my SSL cache & tried other browsers.

    I think I'm running into a different issue than before, but my original post question is still valid I believe.

    Before I continue, remember that lonestar.domain.com is the actual cPanel host, while webmail.domain.com is a subdomain of a cPanel account made to host the Web site for domain.com.

    I guess the clearer question then becomes: Can I purchase two separate SSL certs (as opposed to a wildcard) for lonestar & webmail if they are going to be installed on the same cPanel server? If not, then what other options do I have?

    I was trying to avoid having to spend $200 for a wildcard certificate if I can just spend a total of $40 for 2 regular certs.

    Matt
     
    #5 kemis, Feb 22, 2007
    Last edited: Feb 22, 2007
  6. jenlepp

    jenlepp Well-Known Member

    Joined:
    Jul 4, 2005
    Messages:
    116
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Liberty Hill, TX
    cPanel Access Level:
    DataCenter Provider
    When you click on the server information after the server cert error, what does it actually say the server cert is? Is it giving you the new info?

    Once I installed the commercial cert, I was getting errors until I manually restarted Cpanel from the command line. There seems to be something about the way Cpanel reads the SSL that a restart may be necessary - one way to confirm that may be the problem is to see if the certificate that is serving you is the one that you just installed, or the previous one by clicking the info button when the error comes up.

    A restart was all it took for me to get rid of the errors. If it's not that, let me know what the specific error is - I've wrestled with this bear more than I want to, and my second guess is going to be that it's a chained cert....

    And no, you can't install two certs on the same IP, or so I was told. It's 1 Cert, or a Wildcard cert, as far as I have been able to uncover.
     
Loading...

Share This Page