SSL Certificate for subdomain - Please help

[baggs1981]

Hi All,

I'm having real issues getting a new SSL Cert to work for a subdomain. There is an existing cert for www.domain.com and that works fine. Client has registered a new cert for m.domain.com using the DirectAdmin CSR generation and tried the instructions here: http://www.site-helper.com/ssl.html

The domain and subdomain are using the same IP, I'm aware of SNI, the server has Apache 2.2 and I have done this: http://directadmin.com/features.php?id=1100

The Virtual host entry for m. is like this:
<VirtualHost xxx.xxx.xxx.xxx:443 >

SSLEngine on
SSLCertificateFile /usr/local/directadmin/data/users/batterycom/domains/m.domain.com.cert
SSLCertificateKeyFile /usr/local/directadmin/data/users/batterycom/domains/m.domain.com.key
SSLCACertificateFile /usr/local/directadmin/data/users/batterycom/domains/m.domain.com.cacert

ServerName m.domain.com
ServerAlias www.m.domain.com m.domain.com

But when I browse to the m. site the cert that shows is the www. one no matter what I do (restarted Apache doesn't help) ?!

Any ideas please? there seems to be no official DA method for this.

In addition, when I generated a CSR the private key file that remains is exactly the same as the previous private key file for the www. certificate, could this be an issue?

Does the m. domain have to be setup as seperate in DA as it is currently just a subdomain of the domain.com and then with relevant virtual host entry.

Any help / advice asap would be great.

 

[baggs1981]

Hi, Can anybody help with this. I still can't get this to work.

I have now tried to delete the subdomain and then set it up as it's own domain via DA, then with that fully working as a website etc (which it does) I generate a CSR then got the certificate re-issued using that CSR but even after I install that certificate and verify it is there by looking at the various files on the server it still will not work.

This is doing my head in and shouldn't be this difficult to do.

 

[DirectAdmin Support]

For SSL Certificate, the VirtualHost that you want to control the cert must appear first before other VH's with the same IP.

For a subdomain with an SSL certificate:
1) Ensure the User is on an owned IP.

2) Create sub.domain.com as a full domain under your User:
User Level -> Domain Setup -> Add Additional Domain: domain=sub.domain.com

3) to make the subdomain show up first in the httpd.conf, set it as the default domain.
User Level -> Domain Setup -> select checkbox for sub.domain.com : click "Set as Default"

---

One trick I use, is I access the IP directly:
https://1.2.3.4

It should show the correct page that needs to setup the certificate.
In your case, you'd need to see the subdomain when accessing the IP.

John

 

[ASap]

How can I convert subdomain into additional domain?

I am having issues with implementing SSL subdomains here.

Please note that the subdomains already have contents.