This object is in archive!
Support for wildcard SSL certificates
Completed
cPanel should support wildcard SSL certificates. They are becoming more and more popular and it's ridiculous that you cannot install a wildcard SSL certificate onto a cPanel account and have it secure all the subdomains. At the moment server admins have to attempt this hack: http://forums.cpanel.net/f5/ssl-certs-wildcard-domains-across-different-hosts-169030.html
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
We rewrote the SSL Management functionality for cPanel & WHM 11.38. Int part this change will deliver the following:
We rewrote the SSL Management functionality for cPanel & WHM 11.38. Int part this change will deliver the following:
To be honest, I can not believe that a product as mature as cPanel is:
- investing in new themes in stead of functionalities such as this one, which are desperately needed
- throws NO WARNING WHATSOEVER when we generate a CSR for *.domain.com; if it would at least have shown a warning, we would not have continued the ordering process for the SSL certificate, which is costing us quite some money and turns out to be utterly useless.
To be honest, I can not believe that a product as mature as cPanel is:
- investing in new themes in stead of functionalities such as this one, which are desperately needed
- throws NO WARNING WHATSOEVER when we generate a CSR for *.domain.com; if it would at least have shown a warning, we would not have continued the ordering process for the SSL certificate, which is costing us quite some money and turns out to be utterly useless.
You can install a wildcard ssl using the post virtualhost config in the apache include editor, if you create the crt, key and cabundle files manualy.
There are no ways to install a wildcard ssl using the graphical interface, but there are more than 1 way to install a wildcard ssl manualy. I suggest you to verify with your datacenter, they should have their own method to recommed on this :)
There are apparently not enough people requesting for this, and this is not a rush since there are workarounds... i personally prefered to see a new theme for whm rather than an implementation of this feature :)
You can install a wildcard ssl using the post virtualhost config in the apache include editor, if you create the crt, key and cabundle files manualy.
There are no ways to install a wildcard ssl using the graphical interface, but there are more than 1 way to install a wildcard ssl manualy. I suggest you to verify with your datacenter, they should have their own method to recommed on this :)
There are apparently not enough people requesting for this, and this is not a rush since there are workarounds... i personally prefered to see a new theme for whm rather than an implementation of this feature :)
The best way to implement this (and more importantly, having the ability to have multiple subdomains with a virtual documentroot in a single vhost, regadless of SSL or not), is to change the subdomain structure so that a subdomain vhost is created by default like in the attached file. How it works is that as long as the ServerName is *.domain.com, and the directory described in VirtualDocumentRoot exists (up to the %1), the domain should resolve provided there is a wildcard A record in DNS (or one for the specific subdomain), and that there is a directory with the same name as the first portion of the subdomain in /home/username/public_html/subdomains. You can actually do this now in cPanel provided you use the post virtual host include in the Apache Include Editor.
If the subdomain directory doesn't exist, a 404 is returned. This may be somewhat strange depending on the kind of site you run, so you can create a .htaccess file in /home/username/public_html/subdomains/ that sets ErrorDocument 404 to whatever you like.The only major gotcha doing it this way is that you have to symlink /home/username/public_html/subdomains/www back to /home/username/public_html to ensure that http://www.domain.com loads the same content as domain.com. This may not be technically necessary, as usually the main domain vhost has a ServerAlias directive for http://www.domain.com
I am not sure if this would work for addon domains, you will probably still need separate vhosts for that.
Another thing to point out is that mod_vhost_alias is required for the VirtualDocumentRoot directive. This is not default in EasyApache, but it is selectable as 'Vhost alias' in the extended Apache options.
EDIT: for some reason I can't attach, I threw it in pastebin:
http://pastebin.com/rCzMda3x
The best way to implement this (and more importantly, having the ability to have multiple subdomains with a virtual documentroot in a single vhost, regadless of SSL or not), is to change the subdomain structure so that a subdomain vhost is created by default like in the attached file. How it works is that as long as the ServerName is *.domain.com, and the directory described in VirtualDocumentRoot exists (up to the %1), the domain should resolve provided there is a wildcard A record in DNS (or one for the specific subdomain), and that there is a directory with the same name as the first portion of the subdomain in /home/username/public_html/subdomains. You can actually do this now in cPanel provided you use the post virtual host include in the Apache Include Editor.
If the subdomain directory doesn't exist, a 404 is returned. This may be somewhat strange depending on the kind of site you run, so you can create a .htaccess file in /home/username/public_html/subdomains/ that sets ErrorDocument 404 to whatever you like.The only major gotcha doing it this way is that you have to symlink /home/username/public_html/subdomains/www back to /home/username/public_html to ensure that http://www.domain.com loads the same content as domain.com. This may not be technically necessary, as usually the main domain vhost has a ServerAlias directive for http://www.domain.com
I am not sure if this would work for addon domains, you will probably still need separate vhosts for that.
Another thing to point out is that mod_vhost_alias is required for the VirtualDocumentRoot directive. This is not default in EasyApache, but it is selectable as 'Vhost alias' in the extended Apache options.
EDIT: for some reason I can't attach, I threw it in pastebin:
http://pastebin.com/rCzMda3x
We rewrote the SSL Management functionality for cPanel & WHM 11.38. Int part this change will deliver the following:
We rewrote the SSL Management functionality for cPanel & WHM 11.38. Int part this change will deliver the following:
I see this feature request is marked "Released" and the SSL documentation casually mentions that customers can install Wildcard SSL certificates:
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/InstallCert
I have a customer that is requesting a Wildcard SSL to protect all of their subdomains and I was just looking for confirmation that this will work. This thread came up via search, and I didn't really see any closure, other than the "Released" icon.
I see this feature request is marked "Released" and the SSL documentation casually mentions that customers can install Wildcard SSL certificates:
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/InstallCert
I have a customer that is requesting a Wildcard SSL to protect all of their subdomains and I was just looking for confirmation that this will work. This thread came up via search, and I didn't really see any closure, other than the "Released" icon.
Looks like its still open.
I got a widlcard (*.mydoman.cl) and cpanel says its installed BUT in fact it is not. Have to do some server plumbing. Same thing to configure cpanel and figure out all the details.
++
Looks like its still open.
I got a widlcard (*.mydoman.cl) and cpanel says its installed BUT in fact it is not. Have to do some server plumbing. Same thing to configure cpanel and figure out all the details.
++
Found it?
You need to go elsewhere in Cpanel to enable the cert
to all other related networks services : service configuration/ manage
service ssl cert.
Hope this helps
Found it?
You need to go elsewhere in Cpanel to enable the cert
to all other related networks services : service configuration/ manage
service ssl cert.
Hope this helps
This doe snot work for me. I go to the location you listed Steven Liberty, I paste the CRT for the *.domain.com and hit AUTOFILL BY CERTIFICATE however it does not add the KEY info so I can't complete the install.
This doe snot work for me. I go to the location you listed Steven Liberty, I paste the CRT for the *.domain.com and hit AUTOFILL BY CERTIFICATE however it does not add the KEY info so I can't complete the install.
Hi,
Sorry for the long delay, I actually had again to search the web to stumble upon my own notes!
I updated my ssl certs BUT WHM do not update it for their own servers: WHM. Cpanel and related pop, webmail etc.
You need to go in WHM service configuration/ manage service ssl cert and from there you have to reset them all.
Do this one last: cPanel/WHM/Webmail Service as then it reboots and logs you out.
Hope this help this time.
Regards,
Hi,
Sorry for the long delay, I actually had again to search the web to stumble upon my own notes!
I updated my ssl certs BUT WHM do not update it for their own servers: WHM. Cpanel and related pop, webmail etc.
You need to go in WHM service configuration/ manage service ssl cert and from there you have to reset them all.
Do this one last: cPanel/WHM/Webmail Service as then it reboots and logs you out.
Hope this help this time.
Regards,
Replies have been locked on this page!