The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wildcard SSL on Hostname, Standard on Domainname?

Discussion in 'Security' started by John Napoletano, Sep 6, 2016.

  1. John Napoletano

    John Napoletano Registered

    Joined:
    Mar 17, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Delaware
    cPanel Access Level:
    Root Administrator
    WHM Home >> Service Configuration >> Manage Service SSL Certificates.

    I purchased and installed a wildcard SSL, which shows for all the default services: FTP Server, Dovecot, Exim, cPanel, etc. Works fine in a browser https:// cpanel.example.com for example.

    WHM Home >> SSL/TLS >> Install and SSL Certificate on a Domain.
    SSL will install but won't work for main example.com as in the example https:// www .example.com and without www as in https:// example.com.

    The setup is a dedicated linux server running WHM 58 on CENTOS 6.8. There are many accounts sharing the main IP address. I understand that this should prevent the SSL from working on the main example.com and www sub.

    How can I get https:// www .example.com and http:// www. example.com to work? I will buy a new standard SSL for it and add a dedicated IP address if that is the answer, so let's not be cheap about it, no complicated hacks I mean to say.

    Should I add a dedicated IP address to example.com or will that break something by separating the hostname.example.com from the main http:// www .example.com?

    Should I create a reseller account within WHM with its own main IP address and change ownership of non-dedicated accounts to the reseller? (I don't like this idea if the reseller account would not be associated with my main example.com for example as in cpanel.resellerexample.com for account logins.

    Thanks for your help.
     
    #1 John Napoletano, Sep 6, 2016
    Last edited by a moderator: Sep 6, 2016
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    A wildcard certificate allows you to install the same certificate on any number of subdomains if they share an IP address. It's acceptable to install it on domain names from separate accounts, as long as they use the same IP address. The root user may install a wildcard certificate on a collection of subdomains that are associated with a single root domain on multiple IP addresses. If this configuration uses multiple IP addresses, a user on the server must not own the root domain. This is documented at:

    SSL FAQ and Troubleshooting - Documentation - cPanel Documentation

    You may also find the AutoSSL feature useful if you want to automatically issue each domain and subdomain a free signed certificate:

    Manage AutoSSL - Documentation - cPanel Documentation

    Thank you.
     
  3. John Napoletano

    John Napoletano Registered

    Joined:
    Mar 17, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Delaware
    cPanel Access Level:
    Root Administrator
    Hi Michael. I appreciate your response but please take another look. Are you saying I can not have an 'Account' for the main domain name of my company website www example.com? If yes then how would I create my company website. My server is for a small website design/hosting company. Below is an example of the current IP address allocation:

    Current IP Address Setup

    hostname . mycompany . com => 1.1.1.1
    mycompany . com => 1.1.1.1

    sharedcustomer1 . com => 1.1.1.1
    sharedcustomer2 . com => 1.1.1.1
    sharedcustomer3 . com => 1.1.1.1

    dedicatedcustomer1 . com => 2.2.2.2
    dedicatedcustomer2 . com => 3.3.3.3


    What would happen if I do this:

    hostname . mycompany . com => 1.1.1.1
    mycompany . com => 4.4.4.4
    ...

    In other words, can WHM be used to add a dedicated IP address to the main domain name "Account" of the server?

    WHM Home >> Account Functions >> Change Site's IP Address

    If I can add a dedicated IP address to the mycompany . com account I would think then I can add the wildcard certificate or a standard there. From what I have read the wildcard SSL is not IP specific. I can't be the only one ever trying to get SSL on both the hostname and domainname.


    Here's a 2011 forum post that hints at this:
    WHM setup for dedicated server

    Depending how you decide to manage your IP's it may be different but I would create zones for:
    server.acme.com (IP#1)
    ns1.acme.com (IP#2)
    ns2.acme.com (IP#3)
    acme.com (IP#4) <---This is your corporate website with it's own cPanel and Login
    ...and all client have there own records under the same IP (IP#5)
     
    #3 John Napoletano, Sep 6, 2016
    Last edited: Sep 6, 2016
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Yes, you can install a wildcard SSL certificate on your primary domain name. You can also install it for your server's hostname, however the SSL certificate installation process for your server's hostname is handled separately, via "WHM Home » Service Configuration » Manage Service SSL Certificates". That option is documented at:

    Manage Service SSL Certificates - Documentation - cPanel Documentation

    Thank you.
     
Loading...

Share This Page