Installing a Shared SSL cert?

[loopforever]

Hey Guys,

Have any of you bought and installed a GeoTrust or ChainedSSL certificate (or any cert for that matter) on a DA machine as a shared certificate for ALL clients?

I'd like to be able to use one certificate for all client's SSL data.

Is it possible that we can do something like this:

https://ssl.servename.serveio.cmo/client'sdomain.com

?


http://www.site-helper.com/ssl.html#install

Appears to apply to installing a certificate for a single domain only.

Thanks .

 

[ProWebUK]

You would put the SSL cert on the hostname of the server then offer shared SSL via:

https://yourhostname.com/~username/

Chris

 

[loopforever]

So if I create A records like this:

ssl.loop.serveio.com
ssl.froop.serveio.com
ssl.gecko.serveio.com

And point them to my main server IP (that's used for shared hosting). My clients will be able to access their site via:

https://ssl.servername.serveio.com/~username

?

Thanks very much .

 

[DirectAdmin Support]

Hello,

If you install any SSL certificate as an "Admin".. that certificate will be installed as shared automatically. Everyone on the server who is using "shared server certificate"will be able to use the cert that the admin has installed.

John

 

[S2S-Robert]

That's true, but the users running another domain using https will get a popup telling them that the certificate is not meant for that domain. Using the above setups the domain stays the same and users won't get a popup.

Good idea btw

 

[DirectAdmin Support]

Yes, you'd need a wildcard certificate to prevent a popup. $$

John

 

[loopforever]

I shouldn't need a wildcard cert if I'm buying 1 cert for each A record, correct?

For example:

ssl.gecko.serveio.com has a cert
ssl.loop.serveio.com has a different cert

etc...

Right?

 

[ProWebUK]

I shouldn't need a wildcard cert if I'm buying 1 cert for each A record, correct?

For example:

ssl.gecko.serveio.com has a cert
ssl.loop.serveio.com has a different cert

etc...

Right?

You would need wildcard for the above 2 examples with 1 cert, ssl.gecko.serveio.com does not match ssl.loop.serveio.com and therefore will give you an error.

A wildcard works basically anything under 1 domain - *.domain.com

Chris

 

[DirectAdmin Support]

Hello,

You'd need 1 IP per domain if you used 1 cert for each one, but it would work.

John

 

[Blair]

wildcard clarification

Hi,

I am reading this and researching the ssl cert to install as my main ssl cert to be sharred by all/any users. I have the domain securelockssl.com and want to allow users to access this domain for their ssl needs. So as far as I understand they will be able to access it by going https://securelockssl.com/~username This makes sense. The wildcard ssl (which is quite a bit more $$) seems to only be needed if you are using many subdomains such as one.securelockssl.com and two.securlockssl.com ... which I don't see that I need with https://securelockssl.com/~username

I don't need a wildcard ssl then do I ?

regards

Blair

 

[nobaloney]

No, you don't need a wildcard cert for your stated application.

Jeff

 

[Blair]

I purchased a ssl cert from freessl.com. It is owned by Geotrust. I then istalled it and I get the security alert for non-trusted certs that pops up.

check it out http://securelockssl.com

What am I missing here?

Blair

 

[Blair]

It appears that some how the security alert is saying the domain is localhost.localdomain instead of securelockssl.com.

Not sure how to set that though? I did put in securelockssl.com into the create certificate request.

regards

 

[ProWebUK]

It appears you havn't installed the certificate.... or not properly.... thats a self generated certificate and not something that you would have got from geotrust/free-ssl

Chris

 

[Protollix]

I ran into this problem when I was trying to install the CA bundle/certificate for Comodo after I had copied a cert from a cpanel server.

Basically, you need to paste the key and cert for your domain, then paste the CA cert (if required) by click on the link under the SSL Cert box. It reads:
Click Here to paste a CA Root Certificate

Check the box to actually use the CA Root Cert.

that's what I did anyhow....

 

[Blair]

Now I understand better the root CA

What flavor do I choose?

Apache + ApacheSSL
Apache + MODSSL
Apache + Open
Apache + Raven
Apache +SSLeay

 

[jeffery]

Re: Now I understand better the root CA

What flavor do I choose?

Apache + ApacheSSL
Apache + MODSSL
Apache + Open
Apache + Raven
Apache +SSLeay

Apache + MODSSL

 

[kkwasnik]

Yes, you'd need a wildcard certificate to prevent a popup. $$

John

Been trying to create a CSR for a wildcard cert for the admin
account, but your not allowing and asterik "*" in the domain
name or *.domain.com (GeoTrust requires the CRS to made
that way)

As a result, we get the following error;

Could not execute your request
--------------------------------------------------------------------------------
Details

Name must only contain letters, spaces and/or periods


If this is a bug, can this be fixed quickly so we can get our
cert installed and working??

-- Kevin

 

[jeffery]

For a quicker time to have a fix, you'd better directly send an email to John if you believe it's a bug.