Hi,
anybody can tel me how to install exactly SSL by Webhosting Manager.
An should the Web site have an own IP address or can I istall it also on a shared IP.

Thanks at all

The domain must have a unique ip. Do you have the certificate already? If now you will have to generate a signing certificate.

The domain must have a unique ip


tabernack,

My situation is like this:
- I rent a server with mydomain.com as the domain and
123.123.123.123 as IP.
- But eventually, as I create some non-IP websites,
WebHost Manager (automatically?) chooses the same
IP (123.123.123.123) for the websites.

Can I still use the domain and ip to install
SSL certificate?

Thanks.

bwh.

tabernack: No I have not yet a certificate. Can I create it by WHM ? Can you tel me step by step how to install SSL?
sorry it's the first time I use SSL on WHM

Tank you

bwh-
You should be able to use that IP address and one domain for your SSL cert., but that's it then. You wouldn't be able to re-use that IP address for another cert.

Generate a signing certificate by entering the necessary info in the "Generate an SSL Certifcate and Signing Request" section of WHM. This will email you the certificate request. Once you have that you must purchase a certificate at equifax/verisign... etc... using that request. You'll see what I mean when you go to purchase the cert, it will ask you for the certificate request. Once you receive your certificate all you have to do is install it using the "Install an SSL Certificate and Setup the Domain" feature in WHM. This should set up the necessary apache entries for that domain so that it responds to https requests and install the cert in the appropriate directories.

The apache entry should look something like this:

<VirtualHost 216.171.64.24:443>
ServerAdmin webmaster@secure.webfors.com
DocumentRoot /home/secure/public_html
BytesLog domlogs/secure.webfors.com-bytes_log
ServerName http://www.secure.webfors.com
CustomLog domlogs/secure.webfors.com combined
ErrorLog /home/secure/error_log
ScriptAlias /cgi-bin/ /home/secure/public_html/cgi-bin/
SSLEngine on
SSLCertificateFile /var/ssl/certs/secure.webfors.com.crt
SSLCertificateKeyFile /var/ssl/private/secure.webfors.com.key
SSLCACertificateFile /var/ssl/certs/equifaxCA.crt
</VirtualHost>

The important entries here (that are added when you install the cert) are:

SSLEngine on
SSLCertificateFile /var/ssl/certs/secure.webfors.com.crt
SSLCertificateKeyFile /var/ssl/private/secure.webfors.com.key
SSLCACertificateFile /var/ssl/certs/equifaxCA.crt

Depending on where you specify the certs to be stored (in the above entries), you can verify that location to see if your cert is there. As shown above mine are stored in /var/ssl/certs. Not sure if that's where WHM stores them though. I installed mine manually. :)

Chicken is right. The reason is that you cannot have 2 entries of the same ip listening on the same port. This is defined by:

<VirtualHost 216.171.64.24:443>

If you attempted to setup another secure server for a domain (with the same ip) that would mean another virtual host entry as above:

<VirtualHost 216.171.64.24:443>


This abviously wouldn't work since it would mean 2 different virtual host entries listening for the same request. Unless of course you set it up to listen on a different port. This could be done, but impratical since your visitors would most likely not want to enter https://mydomain.com:445 or some other port, but would receive the other secure site it they forgot to enter the port number (since an https request defaults to port 443). Each domain would still require it's own certificate though.

[Edited by tabernack on 01-15-2001 at 09:31 AM]