SSL question

[mehnihma]

Hi

I have installed shared cert for my domain and set it up and that works (https://domain.com) .

But when I go to WHM or CPanel (https://CPANEL.DOMAIN.COM) I get:
The site's security certificate is not trusted!

It gets certificate that was generated from CPanel and self signed.

In SSL/TLS »SSL Key/Crt Manager I see that cpanel.domain.com certificate and my new certifcate for domain.com

How can I install cert just for server not for domain if I delete these certs that I see in WHM. Will I mess up something?

Can you help me with this?

Thanks

 

[arunsv84]

I have installed shared cert for my domain and set it up and that works (https://domain.com) .

Above means the certificate is issued for that domain only and not for subdomains. If you wish to use the same certificate for subdomains, you need to purchase wild card SSL certificate.

How can I install cert just for server not for domain if I delete these certs that I see in WHM. Will I mess up something?

Do you mean installing certificate for server hostname ?

Thanks!

 

[mehnihma]

Hi
Thanks

Yes for the hostname not for the whole domain just for cpanel.domain.com

 

[arunsv84]

You can install SSL for server hostname. Suppose if your server hostname is something like "server.domainname.com", you can install SSL for it after logging to WHM, enter server hostname in the box and enter the user name as nobody.

Please note that you need to purchase SSL for server hostname before this or you can install self signed SSL.

Hope this helps.

- - - Updated - - -

Yes for the hostname not for the whole domain just for cpanel.domain.com

Im still not clear with your query cpanel.domainaname. com? Is this your server hostname or you wish to access control panel for a particular domain at this url ?

 

[quietFinn]

The normal (at least for me) procedure is like this:

Your server's hostname is let's say host.domain.com

You go to WHM-> SSL/TLS->Generate an SSL Certificate and Signing Request
and generate a SSL Certificate & Signing Request (CSR) for host.domain.com

Using that CSR, you get a SSL certificate for host.domain.com

When you get the certificate, you install it in WHM->SSL/TLS-> Install an SSL Certificate and Setup the Domain
Domain: host.domain.com User: nobody << important

Then you go to WHM-> SSL/TLS-> Manage SSL Hosts and select host.domain.com as the shared SSL certificate.

Then you go to WHM-> Service Configuration-> Manage Service SSL Certificates
and for each service you click the link "Install new Certificate", and install the certificate for host.domain.com for the service ( in the field "Domain this CRT is for" you type "host.domain.com", the cert is loaded and you click "submit").

Almost done, now you go to WHM->Server Configuration-> Tweak Settings-> Redirection
set:
Always redirect to SSL = On
Non-SSL redirect destination = Origin Domain Name
SSL redirect destination = SSL Certificate Name

in WHM->Server Configuration-> Tweak Settings-> Security
set:
Require SSL = On