SSL Question on Shared Host Using SNI


Apr 3, 2018
cPanel Access Level
Website Owner
This might be a bit different question than most but I am concerned with something my shared host might be doing and they don't appear to be competent enough to actually answer it.

I've been using shared hosting at Hostgator for years. Since the push for HTTPS by google, I decided to make the switch. I purchased a DV SSL (Comodo PositiveSSL from that is supposed to secure a single domain on one of my websites. Hostgator is still a decade behind, so not only do they not allow Let's Encrypt, but they also force you to get them to install the SSL for you (for a fee).

Anyway, everything is working find and my site is secured over https now. But here's the problem: I recently created another website on this shared host/server and noticed that it too, by default after installing wordpress, was using the same SSL certificate under the https version of itself.

Hostgator uses SNI. But I was under the impression that SNI allows for multiple sites to use multiple ssls on the same server/IP. Not for one ssl to be universally applied to all websites on that server. Also, my ssl certificate clearly states it's for a single domain, so I am wondering why it is being applied to multiple domains? When I say applied, I mean any new wordpress site I create on this server that I setup as https will automatically have that SSL certificate applied to it.

Is this how SNI works? Or did hostgator mess something up? The last thing I want is for two separate sites to somehow be sharing the same SSL certificate when it's only registered and supposed to be applied to one domain. Again, it's a single-domain SSL certificate, not a multiple.



Well-Known Member
May 25, 2011
New Jersey
cPanel Access Level
DataCenter Provider
It means your site with the SSL installed is the default SSL installed on that IP so any site that does NOT have an SSL installed will automatically load the virtual host of the default site that has an SSL installed on that same IP, that's how SNI works.

So you have 2 options..

1. Install an SSL on your new site. $$
2. Install a self signed SSL on the new site, no cost, but anyone going to the site will see the SSL warning page since its not a signed SSL but if they click through, they will see the correct site where as right now they would basically see the content of the SSL site on your domain with no SSL.

well another option would be... Put your sites with an SSL on one IP, and your non SSL sites on another shared IP(just make sure you don't install an SSL on any of these sites, if you do, move it to your other shared IP for SSLs).

or find a host that offers LE for free, doesn't force you to purchase an SSL AND also turn around and charge you to install it, absurd in my opinion.