what would be correct way to install SSL to subdomain?
For a subdomain created using the DirectAdmin subdomain feature:
Your domain needs to be on it's own IP#.
Just buy and install a Certificate for the subdomain, and after you create the subdomain move the entire domain subdirectory and it's contents from public_html to private_html.
The limitation is that if anyone tries to use https to go to your main domain they'll see a placeholder. Any links to your subdomain should be https links.
For a subdomain created using the DirectAdmin domain feature:
Your subdomain needs to be on it's own IP#; that means it needs to be in a separate user account.
Create the subdomain as a main domain in the new user account, then buy and install the subdomain. Any links to your subdomain should be https links.
If the subdomain isn't on the same server as the main domain you'll need to have proper DNS set up on the server hosting the main domain.
Can I add certificate to maindomain and use same certificate from subdomains?
You can do anything you want (as I've written before you can even strike a match on a wet cake of soap, though it's not easy); if you use the same Certificate than anyone using anything besides the domain name for which the subdomain was ordered will get an error message when they look at the other subdomain/domain.
Jeff
