Install a Wildcard SSL Certificate on your VPS or Dedicated Server
Installing a wildcard SSL certificate in cPanel isn't easy; once you have it installed, it can be a bit troublesome to take advantage of the wildcard feature.
Some say you need a dedicated IP address for every subdomain you want to install SSL. They might also say that manual edits to the 'httpd. Conf files are required, or you shouldn't have any issue adding subdomains and having them operate with HTTPS.
However, this isn't the case.
To install a wildcard SSL on cPanel:
-
Navigate to the Security Section, then click SSL/TLS.
-
Under Certificate Signing Requests (CSR), click 'Generate, view or delete SSL certificate signing requests.
Note: more on CSRs and RSA keys here. -
Once the CSR is generated, go ahead and purchase your SSL certificate.
-
When you receive the certificate key, you can now install the certificate; you will need your Certificate Key, Private RSA key, and CA Bundle (Intermediate Certificate) on hand.
The Certificate Key and CA Bundle are provided after you order the SSL certificate and it's been approved. The Private RSA Key is provided when you generate the CSR. More info on CSRs and RSAs is here. -
Click the Install SSL Certificate link.
-
From the Domain dropdown, select the domain that does not have '
www.'
in front of it. -
Now, in doing this, when cPanel generates the block of code in the
httpd.conf
file, it's going to set the document root to the following:/home/username/public_html
And that's okay, but if you want to set subdomains outside thepublic_html
directory, then the wildcard SSL won't work unless you manually modify thehttpd.conf
file, which you can't do since it requires root access.
So, to get around this, we need to usemod_rewrite
to redirect requests to the appropriate directory. -
When you set up a subdomain, you can set the path to the document root, and it's probably best to do something like this:
/home/username/public_html/domains/sub.domain.com
-
In the .htaccess file in your public_html directory, for each sub domain that needs an SSL certificate, you will need to add the following:
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{HTTP_HOST} ^sub\.domain\.com$ [NC]
RewriteCond %{REQUEST_URI} !^/domains/sub\.domain\.com/
RewriteRule ^(.*)$ /domains/sub.domain.com/$You'll want to replace path with the appropriate data, of course, but it has to reside in the public_html directory (although you could create a symbolic link to a directory outside the public_html directory).
Magento
If you're using Magento, you don't have to add anything to your .htaccess
file. Simply setup additional stores as parked domains.