SSL Simplified - I hope.

[Christopher]

I have a dedicated server. when logging in to whm or cpanel from chrome or firefox I would get "your connection is not private" page which I would use the advance page to get to the login screen. I never gave it much thought.

Years pass and I want to set up a small e-commerce site. So I install Prestashop on a domain and begin the shake down process of getting the site up.

When checking out I realize that that my browser does not have the little lock icon - (the whooshing sound you hear is the can of worms being opened.)

I can purchase an namecheap ssl cert for single domain for $10.95 or a Trustwave ssl which is a webserver cert. for 79.00 per year.

Would the trustwave cert work on all the domains for my 3 dedicated IP's? or would is just make connecting through whm and cpanel more secure?

any help would be great.

[Matt]

A certificate works on one domain name only. You can probably find a cheap cert and use it for WHM and cPanel.

For the eCommerce site, you might consider investing a little more in a more expensive certificate. Some customer's want to see the address bar turn green, or will only shop at sites that have Verisign/Norton SSLs.

SSL on a public facing web site is not only something to secure the connection, but is increasingly a trustmark and can increase conversions/sales compared to a cheapo SSL.

Here are the SSLs we offer if you missed them:
https://glowhost.com/upgrades/buy-ch...-of-trust.html

[Christopher]

Thanks Matt,

So to avoid the "your connection is not private" on my main whm & cpanel do I purchase the cert for the domain with the nameservers? Thanks again.

[David I]

Hello Christopher,

Yes, in order to prevent such notification you need to buy and install an SSL certificate for your hostname.

[Matt]

You'd purchase a cheap SSL for the server's hostname, not the nameserver.

The hostname is what is in your address bar at the cPanel and WHM URLs. It looks something like:

https://nickname.domain.com:2087 <-- In that example "nickname.domain.com" is the hostname you would by the SSL for.

[Christopher]

I was half successful. For testing I went to Comodo for a Free 90 Cert. and obtained an SSl for the Prestashop Site. After installing though whm it worked like a charm. A nice green lock on the car pages.

With the hostname the cert installed good but I'm still not getting the SSl symbol on the cpanel and whm pages. It there a step that I missed.

I the cart I had to turn on the SSL option is there something like that in WHM? Is this something that I should submit a support ticket.


Thanks again

[Matt]

You can always open a ticket, but this is a good place for this question too since others might learn from it.

In answer to your question, yes, there is a section in WHM called "Managed Service SSL Certificates" 9or similar) and this is where you can install that hostname SSL on cPanel, WHM, the email server, FTP server, and etc.

[Christopher]

I have tried that, the only option is to share the cert with the domain, which I did. I did make it the primary cert. and to enable mail SNI, which I did not do., Just to be clear what I'm trying to accomplish is to not have the red crossed out https, when logging in to cpanel and whm. (image attached)

Thanks Matt for sticking with me.

Christopher

[Matt]

If you go to Manage Service SSL Certificates you'll notice all of your SSLs in that section say they are "Self Signed" this means you issued them from your own server, and since your server is not a trusted signing authority, your browser gives a security warning. So, that self-signed issue needs to get fixed. This should say Comodo instead of self-signed, assuming you are using Comodo SSLs.

So, click the 'Browse' button on that page. Then Browse Apache and you will find the correct cert to use for that hostname.

[Christopher]

Not sure if this screen shot represents a security issue please remove if it does.

[Image Removed]

The issuer is Comodo and for the life of me I can not find a browse button.