Steps to Install an SSL Certificate on a Shared IP instead of Dedicated IP!

images

Most of the times its not possible to install the SSL with shared IP and always need the dedicated IP for doing that. But its even possible to install SSL with Shared IP, you can do it as ‘nobody’, but this tends to mess up things when you have open_basedir set up or you’re using suPHP.

First, hop into WHM ~> Install a SSL Certificate and Setup the Domain and install the SSL normally, BUT, in the user field, put ‘nobody’ and finish the installation.

Now that the certificate is installed, you need to force cPanel to accept its fate to allow a shared SSL on the main IP. Go into /var/cpanel/userdata and run the following commands, noting that $user should be replaced with the username owning the SSL domain, $ssldomain.

mv nobody/$ssldomain_SSL* $user/

replace nobody $user — $user/*

Then edit ./nobody/main and remove the SSL domain from the sub_domains list, and run /scripts/rebuildhttpdconf to rebuild the Apache configuration, then restart Apache for the changes to take effect. Voila.

IF this is a shared SSL certificate (meaning, other users on the server can call it via https://$ssldomain/~$user):

You’ll want the SSL to show as the shared certificate on the server, which you can either select from the dropdown in WHM ~> SSL Hosts, or run:

echo $sslhostname > /var/cpanel/.sharedcrtname

If you use mod_php with open_basedir, and/or you have mod_userdir enabled, you need to exclude the user ‘owning’ the SSL certificate from both, to allow other sites on the server to use its certificate. These can both be set in WHM ~> Security Center

Thats it.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.