Good day! I am trying to get an SSL certificate (from GeoTrust) setup on my server and to be honest, it is kicking my butt.

Everything was working fine with the self-signed certificate. I purchased the cert and all of that went fine. Plugged the info into WHM and at least have it to the point where when I log into WHM it sees the cert.

HOWEVER, I think I screwed up with the server name portion...

The server name is main.mydomain.com. When I did the cert, I wanted to use a more generic domain that I own since I will be sharing it (same IP) so I just did it for seconddomain.com (notice no prefix used).

When I log in securely to WHM, the browser pops up with a message now saying the name on the certificate doesn't match the server name. But, if I view the certificate, it at least says seconddomain.com.

Further, I can't seem to access anything else securely. It is my understanding I should be able to to https://myipaddress/~username and see users sites over a secure connection. This does not work. Nor does going to https://myipaddress. Both return DNS / cannot find server errors.

Went through the thread about "cleanup messy SSL" but didn't find anything out of the ordinary. At this point, I just want to get this dang thing up and running so any help would be much appreciated!

The entry in httpd.conf is:



ServerAdmin webmaster@seconddomain.com
DocumentRoot /home/seconddomain/public_html
ServerName seconddomain.com
CustomLog /usr/local/apache/domlogs/seconddomain.com-ssl_log "%t %{version}c %{cipher}$
User namehere
Group namehere
SSLEnable
SSLCertificateFile /usr/share/ssl/certs/seconddomain.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/seconddomain.com.key
SSLCACertificateFile /usr/share/ssl/certs/seconddomain.com.cabundle
SSLLogFile /var/log/seconddomain.com
UserDir public_html
ScriptAlias /cgi-bin/ /home/secondomain/public_html/cgi-bin/
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown


TIA for the help!

PCGH

When you generated the .csr file, what domain name did you use ??

Thankfully I did a screen shot of the form because I wasn't sure...

Under "Host to make cert for" I put seconddomain.com.

Note that I didn't do secure.seconddomain.com or xyx.seconddomain.com. Not sure if that matters.

Thanks for helping!

No then you would need to use a wildcard SSL cert to use secure.seconddomain.com

I assume the seconddomain.com has it's own unique assigned IP address and has a qualified VirtualHost directive in the httpd.conf or is regular domain using a shared IP ??

Mickalo

No, I have seconddomain.com on the primary shared IP, and it does have the standard VirtualHost entry in the httpd.conf.

I can move it to its own IP easily enough as I do have a spare.

My only concern is that I want to share the cert with customers. If it is on a different IP than the customer, is that a factor?

TIA again for the help and fast responses!

are there any other SSL certs assigned to the same IP address?? As all SSL certs must have their own unique assigned IP address, the same IP used by the domain that the SSL cert is assigned too.

Nope, that is the only one (I'm a first timer and it is showing - haha). Searched the httpd.conf and made sure there were no extraneous entries. Also double checked all the stuff that aussie had posted.

can you post the actual URL in question here ??

I sent you a PM with the info... Thanks again!

I sent you a PM with the info... Thanks again!

Anyone else? Anyone? Please advise - I could use the help!