The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wildcard SSL, Dedicated IP, Covering all subdomains

Discussion in 'General Discussion' started by techmight, Mar 18, 2010.

  1. techmight

    techmight Member

    Joined:
    Jul 1, 2008
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Environment: Dedicated server running up-to-date RELEASE build with an available IP address.
    Scenario: I create a reseller account for domain.tld and assign IP to the reseller as main shared and main assigned.

    Question: Is it possible to install a wildcard SSL Cert for *.domain.tld on that IP, such that any subdomain.domain.tld would be covered (automagically), as well as the main reseller account of domain.tld?

    End Result: Browsing to https://domain.tld or any account created as a subdomain.domain.tld would be authenticated and secured by a single wildcard SSL Cert, and all reside on the same IP.

    Any guidance on setting up this within cPanel would be most appreciated.
     
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Yes you can do that *IF* the accounts under the reseller are all subdomain based (or have a serveralias setup) though it's not your typical setup and all would have to have the same IP and you would also have to make some manual modifications to httpd.conf to make all of that work and would have to do so for each additional account that you add, update, or change.

    While you could make modifications to the default templates for apache, in this particular case, that wouldn't preclude manual modifications to the virtualhost sections (particularly the SSL hosts) in any of that.

    Personally, I think doing that is more trouble than it's worth and these days SSL certificates are so cheap, not much real point trying to setup shared scenarios anymore traditional, wildcard, or otherwise
     
  3. techmight

    techmight Member

    Joined:
    Jul 1, 2008
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    I agree with your underlying point, and SSL Certs are pretty cheap these days, however I plan to have tens of subdomains all requiring SSL, and purchasing an additional IP address for each would not be cost effective at all, nor do I have any real requirement that they be on separate IPs either.

    I am not entirely averse to manual changes that may need to be made after each subaccount is setup (and I'm sure those could be reasonably scripted eventually also). Should I look further into this, or is there possibly some other pitfalls I'm failing to see?
     
  4. techmight

    techmight Member

    Joined:
    Jul 1, 2008
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Spiral/Others:

    Any further help on this would be much appreciated.
     
Loading...

Share This Page