If you are looking forward to setup a wildcard SSL on your cPanel or the WebHost manager, this article should help you out. But, before we get into the details, let us first discuss what does a wildcard certificate do?
Wildcard certificate makes sure that all the subdomains are resolving to the very same location. It doesn’t depend on the non-SSL document Root specification.
The set up process starts with purchasing a wildcard SSL. Also, make sure that each of the subdomains has its own unique IP. Please take note of the fact that a wildcard certificate doesn’t work like Wildcard DNS, unlike many assume.
The exact method of setting up the wildcard SSL will depend on whether you have got multiple accounts or a single account:
For Multiple Accounts
This section will help you if each of your subdomains is hosted as a separate cPanel account. Each of the accounts should have an IP address of its own as well. Following are the steps to follow:
- The process starts with generating Certificate Signing Request using this: *.domain.com.
- You can easily change the IP address of a website via WebHost manager. You can also type in the following in the command line: /usr/local/cpanel/bin/setsiteip -u $user $ip.
- After obtaining the certificate, you should set up the domain by working on the CRT and CA bundle (These get auto-populated in general) for the *.domain.com.
- Finally, you have to install the certificate by clicking on the install button.
For Single Account
This is ideal, particularly, when you have a shared hosting server. In this case, you have only one single cPanel account. The first step of generating Certificate Signing Request stays the same, so, we will continue with rest of the steps:
- You have to assign dedicated IPs for each of the sub-domains.
- For each subdomain, edit /var/cpanel/userdata/$USER/$SUBDOMAIN.$DOMAIN. Make sure to change the IP value to one dedicated IP.
- Next step is to run /scripts/rebuildhttpconf. Now, edit DNS zone of each subdomain and point that to the specific IP.
- If you have a DNS cluster, synchronize the same with your subdomains by this command: /scripts/dnscluster synczone <parentdomain>.
- Now, edit /etc/domainips and add an entry so that the subdomain points to the specific IP. Now, run /scripts/rebuildippool to ensure that the IP is marked to have been already taken.
The process of installing certificate and setting up the domain remains same as of the multiple accounts case. So, I will not repeat that here. If you face any problem with the installation process, please share the same with me through the comments section. I’ll love to help you out.
Leave a Reply