The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wildcard SSL for domain

Discussion in 'General Discussion' started by NDanecker, Sep 16, 2011.

  1. NDanecker

    NDanecker Member

    Joined:
    May 24, 2010
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Point Pleasant, NJ USA
    cPanel Access Level:
    Root Administrator
    I am having trouble installing a wildcard certificate for a domain being hosted. The domain is different then the server domain and has a dedicated IP.

    I setup a key with the domain *.domain.com.

    I setup a csr with the domain *.domain.com.

    I received the certificate from the signing authority and it has the domain *.domain.com.

    Then when I try to activate the SSL I have two options for the domain: domain.com and www.domain.com. There is no *.domain.com. I've tried both and unable to fetch any key, csr, etc.

    I've searched and although this feature isn't available in the front end I think people have done this before. Just can't wrap my head around it to make it work for me.

    Thanks!
     
  2. NixTree

    NixTree Well-Known Member

    Joined:
    Aug 19, 2010
    Messages:
    387
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Gods Own Country
    cPanel Access Level:
    Root Administrator
  3. Drake

    Drake Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    I'v been having wild card ssl cert issues too. Not just on one server, but sharing the same multi-server, unlimited subdomain cert between servers. The only problem there is that each server has a different private key. I may have to monkey around with physically swapping out the various servers' private keys so they match the cert. My cert vendor also gives an option to "re-key" any certificate you have bought from them, and re-download the re-keyed cert. That might work better.

    But please tell me some opinions:

    The CPanel user interface is supposed to be usable by the end-user, yes the hosting customer.

    We techies can fiddle and work around issues, but how the heck is an end-user hosting customer who is an accountant, pharmacist, or shor-repairman expected to be able to do these work arounds.

    No less, the end-user hosting customer who is paying maybe $10 or $15 a month for a hosting account is expecting us webhosts to do this for them for free? I know that if I whack a $ 15 per month hosting customer with a bill for 2 hours @ 90/hour, he's dropping us like a hot potato and opening a trouble free $5 per month hosting account through some huge domain registrar.

    Comments please. Agree if you do,... but if you disagree, feel free to bash me,... but please give me an explanation of why.

    Look at my join-date for this forum. I've been around this business for a while.

    Thanks
    Drake P.
     
    #3 Drake, Sep 17, 2011
    Last edited: Sep 17, 2011
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
  5. Drake

    Drake Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    cPanel-Tristan,

    Thanks for the advice. I will need to check out that script and see what it actually does.

    But I am glad that cPanel is aware of the rapidly growing need for SSL usage.

    My big customers never want to have anyone see anything except their own domain name in the URL. It's for vanity reasons with the big customers. They don't want to see my server host name, especially in their webmail URL's.

    I have figured out a way to satisfy my big customer in this way. (Certificate-Small quantity 5 multi domain certificate domain.com, www.domain.com, and webmail.domain.com.) Load the certificate so his site https://www.big-customer.com works ok with SSL. Then for webmail, I discovered that (automatically, with no help from me), if I set the "redirection" to utilize his domain name, I found that if they browse to https://webmail.big-customer.com, they get an immediate good-ssl connection, while retaining their oww domain name in the URL. But, if they browse to https://www.big-customer.com/webmail, they get my server's hostname in the URL address bar. I advised them not to access webmail that way, but it can be a secondary method so they would always have SSL access to their webmail.

    I must say that I am leary of this, because it worked automatically without me loading any SSL cert onto any webmail subdomain. I know the "webmail" subdomain is one of those cPanel pre-defined subdomains. I hope that cPanel doesn't change anything in the future releases that will break this streak of luck I had.

    It would also be nice for a feature for "redirection" on a per-account basis. (oh, also so many more things too on a per account basis, but that's not for requesting here.) We also need a complete summarize all server settings option prior to building a new server, to set up all servers the same way. Also a total go-back feature in case we make a bad mistake in that breaks something. Be able to choose go back to- or set new server up exactly as "config-summary-server13-whatever-date)


    Please Bring back the "perpetual" permanent cPanel licenses like I have, so I can get more.

    FYI
    Though it's got it's bugs, cPanel has come a very long way since it first started at V.D.I. in Clifton, NJ. (Ask an old-timer how it started) I often of wish the 2 fellows at that that company didn't part ways. I knew Bill but not Nick. I was introduced right after the breakup. I guess it had to be. But, Keep It Up!
     
    #5 Drake, Sep 24, 2011
    Last edited: Sep 24, 2011
Loading...

Share This Page