Results 1 to 5 of 5

Thread: Install Wildcard SSL - Multiple Common Names

  1. #1
    Junior Member Newbie
    Join Date
    Nov 2007

    Default Install Wildcard SSL - Multiple Common Names

    Can anyone help outline the process for installing a wildcard ssl certificate on a Linux / cPanel / Apache configuration.

    Very hard to find solid documentation on the web.

    I know this can be done - I want to use a wildcard ssl to secure multiple common names under a single IP address.

    I'm looking for the config file sample for Apache.

    Thanks for any help.

  2. #2
    Member Newbie
    Join Date
    Oct 2006


    The Apache 2.0 SSL FAQ will probably have answers to almost any problem you may encounter trying to get SSL hosting configured on your server. The difficulty that you're going to face is that you're trying to use multiple names on the same IP address, and apache +mod_ssl only supports IP-based virtual hosts for SSL.

    The way that I've seen other people accomplish what you're after is by using a single SSL virtual host definition in Apache along with a collection of mod_rewrite rules in order to match the requested hostname with a specific directory or file that apache should serve.

    Another alternative I see is using mod_gnutls in apache to allow you to configure multiple name-based virtual hosts in apache. However, I've never tested this, and it does require some pretty custom configurations that cpanel probably won't support.

  3. #3
    Junior Member Newbie
    Join Date
    May 2008


    Any update on this issue?

    Now in May 2008 this still seems to be an issue with WHM 11.

    The following thread states this problem. In that thread they also mention that the hosting provider had to do some "manual changes". I'm wondering what these changes are. Anyone knows?
    Any alternative workarounds that don't require unique accounts and IPs?


    Yes that is weird. Jag support have been in touch with cPanel support and have now reached the conclusion that the only way to get a wildcard certificate working is to create the 'subdomains' as stand-alone accounts (so they aren't subdomains at all), dedicate an IP to each, manually create the entry and then rebuild Apache. That's convenient then.

    It is now working, but support had to make changes manually. We no longer have subdomains, however - each 'subdomain' has to have it's own account and dedicated IP. Below is support's 'how to' guide:

    Copy the file for one of already installed certs e.g. in this case I copied file '/var/cpanel/userdata/myusername1/mysubdomain1.mydomain.net_SSL' to '/var/cpanel/userdata/myusername2/' .

    /var/cpanel/userdata/ is the path where each account has a folder with its apache and cpanel configuration files. The _SSL file is the one which contains the entries for ssl vhost for any domain.

    Rename that according to subdomain i.e. in this case rename '/var/cpanel/userdata/myusername2/mysubdomain1.mydomain.net_SSL' to '/var/cpanel/userdata/myusername2/mysubdomain2.mydomain.net_SSL'.

    Edit the file '/var/cpanel/userdata/myusername2/mysubdomain2.mydomain.net_SSL' and update user name to myusername2 where there is old username and update IP, viewing this file will clear any confusion.

    Run : /usr/local/cpanel/bin/build_apache_conf
    to rebuild apache configuration from the newly created file.

    Then restart apache to make it load newly built configuration."

  4. #4
    Junior Member Newbie
    Join Date
    Dec 2008


    Hi Guys,

    I've been looking through but these "manual changes" are the thing thats bothering me, can anyone elaborate more on these changes??

    Thanks in advance

  5. #5
    Junior Member Newbie
    Join Date
    Dec 2009


    i don't know if im on the right topic but i'll post it anyway
    Wildcard SSL On a Shared Ip ..Installing Through Cpanel 11
    Ok here It Goes ..:

    First You Have To Create An Subdomain
    after that is done >go to your cpanel SSL/TLS Manager And generate A Private Keys (Key) you should see your your subdomain at the bottom
    Generate a New Key on the left change the domain from to * then click generate key .
    now return to your SSL/TLS Manager and click Certificate Signing Requests (CSR)

    this is an example how t should look:

    Host - *
    Country US
    State NY
    City Brooklyn
    Company whatever
    Company Division I Put More Downloads you can put whatever
    Pass Phrase i word about 8 letters long

    then click generate the page should reload and poof you now have your
    SSL Certificate Signing Request

    hope this helps anyone ..


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts