Saturday, 6 November 2010

Installing A Wildcard SSL Certificate

A wildcard ssl basically allows you to use unlimited subdomains on a given domain name with one SSL certificate.  A user will need to purchase a wildcard SSL from a vendor that supplies them.

Similar to having multiple certificates installed on a server, each subdomain containing the certificate needs its own IP as well.  Wildcard SSL’s do not work like Wildcard DNS – you really do have to specifically install the certificate on each subdomain. Here are two methods to setting up Wildcard certificates for a domain.

Multiple Accounts

In this scenario, you’d have each subdomain hosted as a separate cPanel account, and each of those cPanel accounts will have its own IP address.

  1. Generate the Certificate Signing Request (CSR) in WHM, using *.domain.com

  2. Read this article to learn how to assign each account its own IP address

  3. When you’re obtained the certificate,go to WHM > Install a SSL Certificate and Setup the Domain and paste in the CRT and CA Bundle for *.domain.com

  4. The fields should auto-populate, in which case you need to make sure the IP is correct, then change the SSL hostname from *.domain.com to the target subdomain

  5. Click install to install the certificate


One Account

This method may be best for users that are not resellers or that are on shared hosting servers, where having multiple cpanel accounts may not be ideal. In this case, you’d have one cPanel account and assign multiple IPs to its subdomains.

  1. Generate the Certificate Signing Request (CSR) in WHM, using *.domain.co

  2. Read this article to learn how to assign dedicated IPs to multiple subdomains on the same account

  3. When you’re obtained the certificate,go to WHM > Install a SSL Certificate and Setup the Domain and paste in the CRT and CA Bundle for *.domain.com

  4. The fields should auto-populate, in which case you need to make sure the IP is correct, then change the SSL hostname from *.domain.com to the target subdomain

  5. Click install to install the certificate

No comments:

Post a Comment