ssl on shared ip problems

Discussion in 'Linux VPS/Dedicated - cPanel' started by laguna, Nov 9, 2008.

  1. laguna

    laguna New Member

    I'm hoping someone can help me. I have tried support and am not getting very far wtih them.

    Here is the situation.

    * I have some domains on a shared ip address.
    * Based on some vps security guide, i have redirected cpanel login from http to https
    * All works fine
    * Through WHM I installed a free SSL on one of the domains on the shared ip
    * That all works fine
    * This past week I noticed that when I go to https://nick.myservername.com, it went to htdocs directory and dumped some text file. So support made one of the domains on the shared ip address the default domain. It was not the one with the ssl cert
    * Now I see that every domain on the shared ip's https url is being redirected to the domain I have an ssl installed on.
    *In WHM I deleted that domain as an ssl host. Now all the domains on the shared ip just show an error/website not found when using https in the url

    Any help appreciated on how to make this all work. Thanks.
     
  2. KH-Paul

    KH-Paul CTO Staff Member

    Hi laguna,

    If I got you right the problem is that https://yourdomains.com/ returns a connection cannot be established error? If so, this is something that should be expected after ssl config was removed.
    If I missed something and/or you have some other problem please either PM me the details or let me know the ticket number you've created so I can take at real life example of the problem you're having.

    Regards,
    Paul
     
  3. laguna

    laguna New Member

    Let's say the server's name is joe.smoe.com

    I have domain1.com and domain2.com and domain3.com all on a shared ip on joe.smoe.com

    I forced cpanel login to be https (can't use http) in conf file I think. This was done a year ago.

    Everything works fine.

    Sometime after that, I installed through WHM a free sll on domain2.com.

    Everything works fine.

    This week, for some unknown reason, I type in https//joe.smoe.com and it does some file dump. http//joe.smoe.com works fine so I never noticed. Support says I need a default domain so they setup domain3.com as the default domain on joe.smoe.com within http conf.

    Now I see that every domain on the shared ip redirects to domain2.com. Prior to this week, that did not happen.

    Support says it is because I have an ssl cert installed on domain4.com. There might be one installed there through their cpanel, but I don't get how that is affecting anything.

    In any case, I go into WHM and delete domain2.com as an ssl host. Now domain1.com, domain2.com and so on all error out when I use https in the url.

    Shouldn't I be able to install a default ssl cert on the shared ip so that it works for all? I have had that situation on other hosts and it worked fine.

    Thank you for your reply.
     
  4. KH-Paul

    KH-Paul CTO Staff Member

    laguna,

    When you install SSL certificate on the domain the domain's content will become accessible through https://domain.com/ as well as http://domain.com/. If domain.com shares the IP with other domains any https:// request to any of the domain that share the IP with SSL-enabled domain will end up at https://domain.com/. I'm not sure what "some file dump" is but I would guess that application installed on the domain where SSL certificate was activated might be unable to properly handle requests received with some other domain name in the header.

    Once you've removed the domain where SSL certificate is installed Apache stopped listening on port 443 (https) on the IP where this domain was configured, as such you will receive an error while attempting to access https:// for any of the domains hosted on that IP.

    Again, I might be misunderstanding or missing anything in the description provided but so far I can't see any errors in the way how you describe things are working - everything you describe is pretty much expected except, may be, "some file dump" as I'm not entirely sure what it might be...

    Regards,
    Paul
     
  5. Dan

    Dan Moderator

    I was under the impression that SSL certificates were only for use on dedicated IPs and this sounds like the sort of problems you would run into installing one on a shared IP to me.
     
  6. laguna

    laguna New Member

    Ok. So secure server access works but you can not install a ssl cert for a shared ip domain?
     
  7. Dan

    Dan Moderator

    Accessing cPanel/WHM is done using redirects so even though you go to https://domain.com:2083 you're being redirected to https://server.domain.com:2083 internally.

    Even a wildcard SSL certificate requires a dedicated IP for the domain it's being assigned to. I am by no means an expert and maybe someone else would like to jump in here but to my knowledge all SSL certificates require that the domain have a dedicated IP address.
     

Share This Page