Separate SSL certificates for Main & Add-on Domain

Lemmy1

• October 26, 2016 15:02

I have a main domain and 2 add-on domains on a dedicated IP address. I installed a Let's Encrypt certificate with the AutoSSL plugin, and it installed a certificate that included all the domains attached to the user (main, 2 add-on, 2 sub). So when you look at the certificate for the main domain, it lists all the other domains that are under it. How do I go about installing separate certificates for the main domain and the 2 add-on domains? Do I need to create other cPanel users and transfer the add-on domains to them?

• 

  cPanelMichael

  • October 31, 2016 21:45

  Hello, This is normal behavior, as addon domain names are essentially configured as subdomains in their respective Virtual Hosts, with an alias to to the actual domain name. To note, a recent support inquiry was submitted regarding order of the names as they appear in the certificate. To summarize, it was explained that "CA/Browser Forum Baseline Requirements" mandate the use of subjectAltName (SAN), so unless you're using an SSL or TLS client that doesn't support subjectAltName (in which case it's probably insecure), the CN value is completely ignored and has no effect on the validity of the certificate. You can convert your addon domain names to their own accounts using the following option if you prefer to not have the certificates listed together:

  0
• 

  did-vmonroig

  • November 09, 2016 08:27

  Hello, And what about multidomain sites, as Magento with different storefronts? They cannot be separated in different accounts, but still need more than one SSL per account. Regards,

  0
• 

  cPanelMichael

  • November 17, 2016 20:15

  Hello @did-vmonroig, Addon domain names and subdomains are still assigned SSL Certificates with the AutoSSL feature. The previous response relates to the inclusion of other domain names when someone reviews the certificate information. Thank you.

  0

Please sign in to leave a comment.