[searchenginepro]

Can anyone help outline the process for installing a wildcard ssl certificate on a Linux / cPanel / Apache configuration.

Very hard to find solid documentation on the web.

I know this can be done - I want to use a wildcard ssl to secure multiple common names under a single IP address.

I'm looking for the config file sample for Apache.

Thanks for any help.

[ToddatSpry]

The Apache 2.0 SSL FAQ will probably have answers to almost any problem you may encounter trying to get SSL hosting configured on your server. The difficulty that you're going to face is that you're trying to use multiple names on the same IP address, and apache +mod_ssl only supports IP-based virtual hosts for SSL.

The way that I've seen other people accomplish what you're after is by using a single SSL virtual host definition in Apache along with a collection of mod_rewrite rules in order to match the requested hostname with a specific directory or file that apache should serve.

Another alternative I see is using mod_gnutls in apache to allow you to configure multiple name-based virtual hosts in apache. However, I've never tested this, and it does require some pretty custom configurations that cpanel probably won't support.

[Ollreasil]

Any update on this issue?

Now in May 2008 this still seems to be an issue with WHM 11.

The following thread states this problem. In that thread they also mention that the hosting provider had to do some "manual changes". I'm wondering what these changes are. Anyone knows?
Any alternative workarounds that don't require unique accounts and IPs?

"Ref: jaguarpc.com/forums/showthread.php?p=135507

Yes that is weird. Jag support have been in touch with cPanel support and have now reached the conclusion that the only way to get a wildcard certificate working is to create the 'subdomains' as stand-alone accounts (so they aren't subdomains at all), dedicate an IP to each, manually create the entry and then rebuild Apache. That's convenient then.

It is now working, but support had to make changes manually. We no longer have subdomains, however - each 'subdomain' has to have it's own account and dedicated IP. Below is support's 'how to' guide:

1.
Copy the file for one of already installed certs e.g. in this case I copied file '/var/cpanel/userdata/myusername1/mysubdomain1.mydomain.net_SSL' to '/var/cpanel/userdata/myusername2/' .

/var/cpanel/userdata/ is the path where each account has a folder with its apache and cpanel configuration files. The _SSL file is the one which contains the entries for ssl vhost for any domain.

2.
Rename that according to subdomain i.e. in this case rename '/var/cpanel/userdata/myusername2/mysubdomain1.mydomain.net_SSL' to '/var/cpanel/userdata/myusername2/mysubdomain2.mydomain.net_SSL'.

3.
Edit the file '/var/cpanel/userdata/myusername2/mysubdomain2.mydomain.net_SSL' and update user name to myusername2 where there is old username and update IP, viewing this file will clear any confusion.

4.
Run : /usr/local/cpanel/bin/build_apache_conf
to rebuild apache configuration from the newly created file.

5.
Then restart apache to make it load newly built configuration."

[nathan3011]

Hi Guys,

I've been looking through but these "manual changes" are the thing thats bothering me, can anyone elaborate more on these changes??

Thanks in advance

[CamfrogHackers]

i don't know if im on the right topic but i'll post it anyway
Wildcard SSL On a Shared Ip ..Installing Through Cpanel 11
Ok here It Goes ..:

First You Have To Create An Subdomain somthing.yourdomain.com
after that is done >go to your cpanel SSL/TLS Manager And generate A Private Keys (Key) you should see your your subdomain at the bottom
Generate a New Key on the left change the domain from somthing.yourdomain.com to *.yourdomain.com then click generate key .
now return to your SSL/TLS Manager and click Certificate Signing Requests (CSR)

this is an example how t should look:

Host - *.yourdomain.com
Country US
State NY
City Brooklyn
Company whatever
Company Division I Put More Downloads you can put whatever
Email somthing@yourdomain.com
Pass Phrase i word about 8 letters long

then click generate the page should reload and poof you now have your
SSL Certificate Signing Request

hope this helps anyone ..