SSL and dedicated IP for VPS hostname
I've been trying for some time to figure out all this DNS, nameserver and IP stuff, and I think I did, for the most part, but now I've come to install an SSL certificate and I'm just stuck. I have a VPS with 2 IPs, the 1.1.1.1 is set to NS1 and 2.2.2.2 is set to be NS2 (I also use some secondary NS, but I don't think this is relevant here)
I've started with the hostname "host.domain.com". The Basic Config is set to use the IP 1.1.1.1 as main, and this is also the main VPS IP that I use to log in to WHM. Then I added a second IP, and I've set up NS1 to be 1.1.1.1 and NS2 is using the IP 2.2.2.2
At the moment I have just 2 DNS zones - host.domain.com (with A record host.domain.com pointing to 1.1.1.1) and domain.com (A record points to 1.1.1.1, and the zone also contains an A record for "host" set to 1.1.1.1), so, they both use the same settings (nameservers NS1 and NS2, and their main IP is 1.1.1.1)
I plan to use the second IP 2.2.2.2 for the other sites that I want to create.
Since I'm sick of getting the "Untrusted connection" message in my browser and Thunderbird/Outlook, I purchased a cheap, Positive SSL certificate for host.domain.com, generated CSR and installed it.
Now, in the Manage SSL Hosts i see the installed SSL host "host.domain.com" with the IP 1.1.1.1 and owner nobody. As per some tips that I've found, I made this certificate be shared.
And that's as far as I've come...
If I try to open either or
-
Hello :) You have to install the certificate for your services via: "WHM Home " Service Configuration " Manage Service SSL Certificates" Also, note that you should not keep a duplicate DNS zone for your hostname if you already have the "A" record for it added to another zone. Once you install the certificate for each service, you must access the service over the SSL certificate name to avoid mismatch warnings. Thank you. 0 -
Thank you very much for your answer - somehow I completely skipped this "Manage Service SSL Certificates"... and I'll sort this A record issue. If I understand it right, I can just delete the certificate that I've installed under SSL/TLS and install it using Manage Service SSL Certificates instead. Is there anything else that I should be aware of when installing the certificate for cPanel/WHM/Webmail Service, Dovecot Mail Server, Exim (SMTP) Server and FTP Server? I assume nothing much will change in the way of using any of those services. I've enabled the "Always redirect to SSL" inside Tweak Settings", if that counts. And, if I may ask another question, it's not much, but it's bothering me a bit - when I open "Show IP Address Usage", under HTTP Usage, I just can't get it to show my actual hostname like host.domain.com, instead, it's showing the original hostname that I got when I first purchased the VPS. I've checked my etc/hosts and etc/hostname files, but they seem OK. Where else should I look? Thank you once again. 0 -
1. You can delete the certificate under "Manage SSL Hosts" if you prefer, but it's not required. 2. Try looking for and removing entries for the old hostname /var/cpanel/users/* or in /var/cpanel/userdata/nobody/* and then rebuild the Apache configuration file via: /scripts/rebuildhttpdconf Thank you. 0 -
Well, the part with the SSL worked as it should, as for the IP usage, maybe I've found the reason - the only file that I could find which still contains the original hostname is var/cpanel/userdata/nobody/main The content of this file is addon_domains: {} main_domain: 1234.server.com parked_domains: [] sub_domains: - host.domain.com Should I change the main domain here (this 1234.server.com was the original hostname)? And I'm not sure I understand why my hostname host.domain.com is listed as a subdomain and the original hostname as the main domain. Thank's again 0 -
Yes, you can change the main domain name in this file and remove the subdomain. After you save the file, rebuild the Apache configuration file via: /scripts/rebuildhttpdconf Thanks. 0 -
Thank's a lot! 0
Please sign in to leave a comment.
Comments
6 comments