Setting Up a Wildcard SSL on cPanel/WHM
by RapidSSLOnline Cheap SSL Cheapest SSL | RapidSSLonlineA Wildcard Certificate
means all of your sub-domains will resolve to the same location,
regardless of the non-SSL Document-Root specification. A user will need
to purchase a wildcard SSL from a vendor or a reseller that supplies
them.
Similar
to having multiple certificates installed on a server, each sub-domain
containing the certificate needs its own IP as well. Wildcard
SSL’s do not work like Wildcard DNS – you will have to specifically
install the certificate on each sub-domain. Following are two methods to
set up a Wildcard SSL for a domain.
Via WHM:
The fields should auto-populate, in which case you need to make sure the IP is correct, then change the SSL hostname from *.domain.com to the target sub-domain
When you’ve obtained the certificate, go to WHM > Install a SSL Certificate and Setup the Domain and paste in the CRT and CA Bundle for *.domain.com
So, you can save your time to manage numerous certificates for sub-domains and even save the money as Wildcard SSL Certificates such as RapidSSL Wildcard SSL or GeoTrust True BusinessID Wildcard will provide security for all your sub-domains with one main domain name.
Multiple Accounts:
In
a case where you have each sub-domain hosted as a separate cPanel
account, and each cPanel account has its own IP address, then follow
these steps:
- Generate the Certificate Signing Request (CSR) in WHM, using *.domain.com
- There are two ways to change a site’s IP address:
Via WHM:
Go to WHM > Change site’s IP Address, select the account, then select the
i. Via Command Line:
/usr/local/cpanel/bin/setsiteip -u $user $ip
When
you’ve obtained the certificate, go to WHM > Install a SSL
Certificate and Setup the Domain and paste in the CRT and CA Bundle for
*.domain.com
The fields should auto-populate, in which case you need to make sure the IP is correct, then change the SSL hostname from *.domain.com to the target sub-domain
·
Click install to install the certificate
These are the steps to assign dedicated IPs to multiple sub-domains on the same account
Edit
/var/cpanel/userdata/$USER/$SUBDOMAIN.$DOMAIN for each subdomain (for
addon/parked domains you’ll usually edit the file for the subdomain
associated with the addon/parked domain) and change the IP value to a
“dedicated” IP.Click install to install the certificate
One Account
This
method may be best for users that are not resellers or that are on
shared hosting servers, where having multiple cPanel accounts may not be
ideal. In this case, you’d have one cPanel account and assign multiple
IPs to its sub-domains:
·
Generate the Certificate Signing Request (CSR) in WHM, using *.domain.com
Generate the Certificate Signing Request (CSR) in WHM, using *.domain.com
These are the steps to assign dedicated IPs to multiple sub-domains on the same account
II. Run /scripts/rebuildhttpconf
III. Edit
the DNS zone for the subdomain (which will likely be attached to the
parent domain) and update the a-record to point to that IP as well. Then
synchronize the zone out to the DNS cluster, if one exists:
IV. /scripts/dnscluster synczone <parentdomain>
V. Edit
/etc/domainips and add an entry for that sudomain to point to the IP
and run /scripts/rebuildippool to make sure the IP is marked as taken.When you’ve obtained the certificate, go to WHM > Install a SSL Certificate and Setup the Domain and paste in the CRT and CA Bundle for *.domain.com
· The
fields should auto-populate, in which case you need to make sure the IP
is correct, then change the SSL hostname from *.domain.com to the
target sub-domain
·
Click install to install the certificate
Click install to install the certificate
So, you can save your time to manage numerous certificates for sub-domains and even save the money as Wildcard SSL Certificates such as RapidSSL Wildcard SSL or GeoTrust True BusinessID Wildcard will provide security for all your sub-domains with one main domain name.
About the Author:
RapidSSLonline is one of the largest cheap SSL certificate providers and is a Platinum partner for VeriSign, GeoTrust SSL, Thawte and RapidSSL.
It provides 24/7 support for any question, anytime. For more
information about RapidSSLonline, please visit
http://www.rapidsslonline.com Sponsor Ads
Created on Dec 31st 1969 18:00. Viewed 0 times.
Comments
No comment, be the first to comment.