I don't really know how to start explaining this, but hopefully you will understand.

I have a website, call it subdomain.domain.com and I also have cname.otherdomain.com, which points to subdomain.domain.com through a CNAME record.

I need to know if it is possible to secure cname.otherdomain.com with SSL?

e.g. end-user goes to https://cname.otherdomain.com and it brings up the content from subdomain.domain.com

Is it as simple as getting an ssl cert for cname.otherdomain.com? Or do I need to do something different.

I've never tried to secure a cname, and honestly I am not sure if it is even possible, hence this post.

Thanks.

normally with a SSL you would secure the common name that you specify such as secure.mydomain.com. The SSL would only be active with just secure.mydomain.com, if you wish to add something.secure.mydomain.com this would not work

I hate to make myself sound dumb, but what you are saying is yes I can secure cname.otherdomain.com with SSL?

And I am also gathering that when purchasing a SSL cert I will put cname.otherdomain.com for the domain to secure, correct?

Thanks for your help so far.

Originally posted by xerocity.com
I hate to make myself sound dumb, but what you are saying is yes I can secure cname.otherdomain.com with SSL?

And I am also gathering that when purchasing a SSL cert I will put cname.otherdomain.com for the domain to secure, correct?

Thanks for your help so far.

I actually dont think you can do this, but i'd love to be corrected. You need to have it pointing to the actual address used (cname.mydomain.com).

The example above was something else though it was

something.secure.mydomain.com vs
secure.mydomain.com

I'd love to buy an SSL for secure.mydomain.com and then
just have abc.mydomain.com cnamed to the above, but I dont think it works.

I don't mind having two SSL certs, I just need to know if I can secure a CNAME address.

The CNAME'd address is the only one that I need to have secured.

Is this possible?

You can secure nearly any host name. You can have an SSL cert for secure1.yourdomain.com and another for secure2.yourdomain.com. There are a number of high quality inexpensive SSL providers

end users can only use http://secure.yourdomain.com/~theurlogin

otherwise you need to purchase wild-card ssl cert that support *.yourdomain.com

http://www.ssl.com/SSL128WCG10.jsp

Originally posted by Bashar
end users can only use http://secure.yourdomain.com/~theurlogin

otherwise you need to purchase wild-card ssl cert that support *.yourdomain.com

http://www.ssl.com/SSL128WCG10.jsp

This question isn't for a hosting company, but rather a company that wants to secure a cname.

The easiest way to put my query into perspective (since you are an ETP) would be for if I want to have a cname pointing to access.enom.com, but wanted to be able to access it securely at https://access.mydomain.com

I am pretty sure I can do this now based on both the research that I have done and the responses here.

the browser will give a notice about it since the hostname doesn't match enom's access.enom.com host certificate

Originally posted by Bashar
the browser will give a notice about it since the hostname doesn't match enom's access.enom.com host certificate

So, if I have setup a CNAME to access.enom.com on my server and I installed a ssl certificate on my server for https://access.mydomain.com when you went to https://access.mydomain.com it will try to request the ssl certificate from access.enom.com instead of access.mydomain.com?

I am not fully getting this logic. If the above statement by me is correct, could you explain the details to me so I can fully understand it?

Well this is just a follow up for anyone that is interested.

I have determined that it is possible to secure a cname address so that all communication is secured. What you have to do is create the CNAME - access.yourdomain.com CNAME acess.enom.com. Then, create the CSR, either manually or through your control panel, if your control panel allows you to manually enter the hostname. In my case I had to do this manually via SSH and OpenSSL on a linux server. Then go to a CA and get your CSR turned into a valid certificate and add it to your control panel. If your control panel asks you to enter the subdomain that you want to secure, just go in a create a dummy subdomain, then add it. It doesn't matter what the subdoman is because the hostname in the certificate is used by apache to determine what hostame should have the certificate sent with it.

By the way, I was able to do this on an H-Sphere System, I don't know if it will work with other systems.

the moment you CNAME access.yourdomain.com to access.enom.com whatever you setup on your server wont be recognized since access.yourdomain.com is CNAMED to access.enom.com and going to https://access.yourdomain.com will point to https://access.enom.com

i have it setup already, try accessing http://access.mycompany and https://access.mycompany and you will know what i'm talking about.

http://access.mycompany and https://access.mycompany are invalid URL's. Please post or PM me valid URL's.

EDIT: cancel the above statement. I figured out what you were saying.

However, because you did not setup an SSL certificate for https://access.yourcompany.net your browser tries to get it from access.enom.com

I will PM you valid URL's from my testing shortly. They will show you that it is possible.