The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wildcard SSL for unique cPanel accounts

Discussion in 'General Discussion' started by LifeSteala, Aug 31, 2016.

Tags:
  1. LifeSteala

    LifeSteala Member

    Joined:
    Dec 16, 2007
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Greetings,
    I manage a cPanel server for a local company and the way we have our accounts set up is that each domain name have their own cPanel accounts. Which is the normal, right? However, we also have several subdomains but instead of creating them inside the root cPanel account, we create separate accounts for each subdomain.

    Example:

    rootdomain.com -> /home/rootdom/public_html
    my.rootdomain.com -> /home/myrootdom/public_html
    test.rootdomain.com -> /home/testrootdom/public_html

    I am needing to install a Wildcard SSL certificate and I cannot seem to find if a Wildcard works between accounts for the same root domain.
    Can anyone shed any light?

    We are running cPanel on CentOS 7, do I need to do anything special to activate SNI for these three accounts so that they can use the same Wildcard SSL cert? OR, do I just set them all to be on the same Dedicated IP and the system knows it's SNI?

    Thanks
    LS
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,767
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    A wildcard certificate allows you to install the same certificate on any number of subdomains if they share an IP address. It's acceptable to install it on domain names from separate accounts, as long as they use the same IP address. The root user may install a wildcard certificate on a collection of subdomains that are associated with a single root domain on multiple IP addresses. If this configuration uses multiple IP addresses, a user on the server must not own the root domain. This is documented at:

    SSL FAQ and Troubleshooting - Documentation - cPanel Documentation

    You may also find the AutoSSL feature useful if you want to issue each subdomain a free signed certificate:

    https://documentation.cpanel.net/display/ALD/Manage+AutoSSL

    Thank you.
     
  3. LifeSteala

    LifeSteala Member

    Joined:
    Dec 16, 2007
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Thanks Michael, we'll go with Let's Encrypt. Seems like a great plugin.

    Question:
    SSL's usually require a Dedicated IP address. Let's Encrypt say this isn't required. Is it OK to keep domains on the Shared IP, and install SSL certs on this IP?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,767
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Dedicated IP addresses are no longer required due to support for SNI:

    cPanel Documentation - What is SNI?

    Thanks!
     
Loading...

Share This Page