The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM/cPanel shared IP SSL cert for :2087 and :2083

Discussion in 'Security' started by Smaily, Oct 3, 2011.

  1. Smaily

    Smaily Well-Known Member

    Joined:
    Sep 19, 2011
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Sorry, Im beginner on this!

    I have hostname angel.evilhostin.com
    evilhostin.com IP is 80.70.111.110 (Dedicated IP, not shared, domain has SSL and uses HTTPS)

    All clients accounts are on shared IP 80.70.111.102

    When I try to go to one of my clients web address and clientdomainn.com/cpanel then it will tell me
    Internet Explorer: "There is a problem with this website's security certificate."
    Firefox: "SSL encryption is required for access to this server."
    When I click Log in using SSL.

    Technical Details
    clientdomainn.com:2083 uses an invalid security certificate.

    The certificate is not trusted because it is self-signed.
    The certificate is only valid for angel.evilhostin.com

    (Error code: sec_error_untrusted_issuer)


    Now when I go to WHM

    Main >> SSL/TLS >> Purchase & Install SSL Certificate

    I can choose Certificate Hostname (ex. secure.myhost.com)
    Shall I make new hostname to one of domains that is actually using shared IP 80.79.111.102 or can I use certificate that has been made for angel.evilhostin.com but for another dedicated IP 80.79.111.110 ?


    Basically my question is how can I get working clients HTTPS domains when they are hitting their homepage + /cpanel without SSL cert warning? (they all have shared IP 80.79.111.102)
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,461
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You might try the settings here:

    WHM > Server Configuration > Tweak Settings, Redirection tab. And redirect all users to SSL.

    Your users will still have to accept the cert into their browser or add an exception as offered in firefox.
     
  3. Smaily

    Smaily Well-Known Member

    Joined:
    Sep 19, 2011
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    any chance to get it working without "exception" request? I can buy another certificate if needed.
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,461
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Sure you can purchase a cert for the server, lots of threads on this topic. Even at the bottom of this very thread in the "Similar threads" block.
     
  5. cwalke32477

    cwalke32477 Well-Known Member

    Joined:
    Mar 2, 2010
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Atlanta, Georgia
    cPanel Access Level:
    Root Administrator
    In order to avoid SSL errors, on server address (https://server.domain.com:xxxx) you will need to purchase a valid 3rd party SSL certificate for the specific hostname.
    Then go to WHM >> Main >> Service Configuration >> Manage Service SSL Certificates
    to install the certificates, on each service.

    After the certificate, is setup for the services, you need to go into tweak settings and setup redirect to ssl, and set that for ssl hostname.
    Now, when your clients got to http://theredomain.com/cpanel, it will auto redirect to https://server.domain.com:2083, and be error free :D


    You can also opt to use the new certificate as a shared ssl certificate, accessible by your clients by:
    WHM >> Main >> SSL/TLS >> Manage SSL Hosts
    then select the certificate from the drop down box.
    There may be another step for the shared ssl cert, but I can't quite remeber off the top of my head. It may need to be installed on an actual domain first - not sure anymore
     
    #5 cwalke32477, Oct 12, 2011
    Last edited: Oct 12, 2011
  6. kers7754

    kers7754 Active Member

    Joined:
    Jan 13, 2011
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    My hostname is jkhost23.doory.com

    I would like to install a 3rd party cert for all services (SMTP, cPanel/WHM/Webmail service, Dovecot Mail Server, ftp server).

    Do I need to purchase 4 different SSLs? Or can I get a single SSL for jkhost23.doory.com and use that for all services?
     
  7. kers7754

    kers7754 Active Member

    Joined:
    Jan 13, 2011
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Apparently you can install the same hostname cert for each service! Thank you for this thread; it taught me a lot!
     
Loading...

Share This Page