UCC SSL certs and WHM installable by default
I have seen a few topics on UCC SSL certificates and issues with cpanel/whm in them.
Let me explain my reason for posting.
I run on a CentOS 6 - 64 bit dedicated linux box - from Private Layer Inc SolusVM as hypervisor to two cpanel controlled (WHM/Cpanel) VPS boxes which run CentOS 5 - 32 bit OSses. One one of these VMs I have one account for my multi-store setup which operates from one physical CS-Cart installation two store fronts on two separate domains, on on the primary domain domain.com and the second store front on domain2.com. If I check the padlock in just about any browser of either domains, the padlock gives me the insurance that the domains are secured by ssl encryption. However doing a check via sslshopper.com/ssl-checker.html reveals that for my second store front the ssl is invalid or the error:
[QUOTE]None of the common names in the certificate match the name that was entered (domain2.com). You may receive an error when accessing this site in a web browser. Learn more about name mismatch errors.
My questions are: 1. would an UCC SSL certificate from either Trustwave or Godaddy or some other vendor work out of the box for these domains OR 2. should I purchase myself a separate ssl certificate for this one other store front 3. are there still issues with UCC SSL certificates under WHM cpanel that I should be aware of. I have seen posts dating back to 2011. I am not sure if these are still valid. Best regards Anthony
My questions are: 1. would an UCC SSL certificate from either Trustwave or Godaddy or some other vendor work out of the box for these domains OR 2. should I purchase myself a separate ssl certificate for this one other store front 3. are there still issues with UCC SSL certificates under WHM cpanel that I should be aware of. I have seen posts dating back to 2011. I am not sure if these are still valid. Best regards Anthony
-
Hello :) Please keep in mind that SNI is not supported on CentOS 5. You could install multiple certificates on the same IP address if you migrated to CentOS 6. That being said, UCC/SAN certificates are supported in the environment you described, so it should work without custom workarounds. The following document helps answer your questions: SSL FAQ and Troubleshooting In particular: [QUOTE]Multi-domain certificates are SSL certificates that allow you to secure multiple, potentially unrelated domains with a single certificate. This includes UCC/SAN certificates and wildcard certificates. Unified Communications/Subject Alternate Name (UC/SAN) Certificates are SSL certificates that allow you to specify a list of hostnames that the same certificate protects. Note: You must reissue these certificates each time you add a new hostname.
Thank you.0 -
[quote="cPanelMichael, post: 1702442">Hello :) Please keep in mind that SNI is not supported on CentOS 5. You could install multiple certificates on the same IP address if you migrated to CentOS 6. That being said, UCC/SAN certificates are supported in the environment you described, so it should work without custom workarounds. The following document helps answer your questions: SSL FAQ and Troubleshooting In particular: Thank you.
Michael would it however be possible to setup a UCC/SAN certficate for not only multiple domains but also two different entities that own their respective store front ? If so in the current setup, how would I go about it step by step ? Regards Anthony0 -
[quote="Mangoose, post: 1702771">would it however be possible to setup a UCC/SAN certficate for not only multiple domains but also two different entities that own their respective store front ?
Could you elaborate on this? What do you mean by different entities? Thank you.0 -
[quote="cPanelMichael, post: 1702782">Could you elaborate on this? What do you mean by different entities? Thank you.
One store front belongs to an business associate of mine0 -
The certificate should still work, regardless of the website owner. However, as far as purchasing the certificate, you may want to consult with the SSL issuer with that question to determine if there are any stipulations about that. Thank you. 0
Please sign in to leave a comment.
Comments
5 comments