The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Untrusted SSL For Client Domains

Discussion in 'Security' started by redwax, Jan 6, 2012.

  1. redwax

    redwax Registered

    Joined:
    Dec 16, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I would like to allow my client to access their domains via https://their-domain.com prior to them installing an SSL certificate. However, I get a 404 page not found error if specifying the script name or redirected to https://their-domain.com/cgi-sys/defaultwebpage.cgi if I specify only the domain name. I'm not really fussed about shared SSL and using the https://server/~user url as this complicates things for users when testing.

    I wonder if I've done something wrong or if I need to do something specifically to enable this?

    Many thanks in advance.
     
    #1 redwax, Jan 6, 2012
    Last edited: Jan 6, 2012
  2. storminternet

    storminternet Well-Known Member

    Joined:
    Nov 2, 2011
    Messages:
    462
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Domains should have ssl installed on it if you want to access it with https. Unless there is ssl installed on your site you can not access it with https. If you have not purchased ssl from any ssl vendor yet then you can use self sign ssl.
    You will receive warnings everytime when you access to site at https but at least you can test the site running at https.

    Please refer to SSL/TLS for how to create csr, ssl from WHM
     
  3. redwax

    redwax Registered

    Joined:
    Dec 16, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hey thanks for this. I've an unsigned shared SSL installed installed using the hostname of the server. I was under the impression from previous usage of cpanel that a client domain could utilise this (albeit with a warning) in the form https://their-domain.com during testing without them needing to generate their own self signed certificate. I'me sure I've used hosts in the past that have had this behaviour in pace.

    Currently, if I access https://their-domain.com, I get the a certificate warning, which accept, before being forwarded to https://their-domain.com/cgi-sys/defaultwebpage.cgi which is a 'Default' Website Page'.

    Your help is apreciated
     
  4. minosjl

    minosjl Well-Known Member

    Joined:
    Jun 4, 2011
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    cPanel Access Level:
    Root Administrator
    checkout your apache configuration file and make sure the 443 virtual host entries are there .
     
  5. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    If these sites are on the shared IP address rather than having their own SSL certificate and dedicated IP address, then trying to access the domain name if you've installed an SSL onto the hostname for Apache would simply redirect the domain to the default page rather than the user's website. You cannot access an SSL of one domain (the hostname in this instance) and pull up the site of another domain. It simply will not work that way.

    If you want to have each site using their own SSL certificate to show their domain name, then every single site will need to have a dedicated IP address and an SSL certificate. It can be a self-signed SSL certificate, but it would still need to be generated in WHM first.

    Otherwise, you could use the shared IP's SSL certificate under the hostname via https://hostname.domain.com/~cPanelusername

    If you use the temporary url for the cPanel username, this would show the site because it is a different mechanism for displaying the site contents.
     
Loading...

Share This Page