2 domains, each with own SSL certificates pointing to one set of files

0
votes

I have been asked to point a new domain name to my already SSL secured website. The tricky part is that the new domain is also to have an SSL certificate so that the website can be accessed from both domain names without redirecting.

Is it possible to do this given that each SSL certificate must (I think) have its own IP address. To further complicate things, the server uses WHM/cPanel to manage accounts and from what I have seen, there doesn't appear to be a way of having one account use 2 IP addresses.

So my question is this: Is it possible to install an SSL certificate for a new account in cPanel, assign its own IP address etc, and then change the document root so that the new account points to the same document root of another account that is also secured via SSL? If so, would this work without generating any errors etc in the browser and would cPanel still be able to be used to manage the account without it resetting the document root change?

Server info: Dedicated CENTOS based server running WHM 11.32.5 (build 13)

3
sslcpanelwhm

3 Answers

2
votes

This is Bryan from Symantec SSL Support. From the certificate perspective, if you would like to secure 2 domains with one SSL certificte, you can enroll for a multi-domain certificate which supports SAN (Subject Alternative Name). All certificate are issued to a FQDN (Fully Qualified Domain Name) and not an IP address as the CAB forum standardization was implented.

Once the certificate is issued, you must install it to the same server the CSR was generated from. If you are using CPanel/WHM, the interface creates a private key when you generate the CSR. The private key is needed during the SSL installation to match with the public key which is issued by the CA (Certificate Authority). The CA only issues the public key, not the private key, so it's important you have the private key on the server.

So, if you have a multi-domain or SAN certificate installed on one domain on one server and you want the second domain on the second server to work, you will need the same private key and public key from the first server installed on that second server. Otherwise, you will get a mismatch error. Any type of IP, domain or document root configuration needs to referenced by the server's documentation.

0
votes

For more information visit Symantec SSL

0
votes

I believe you should be able to set up 2 different websites each with it's own ip address but pointing to the same document root. If you are using using cpanel, there is a good chance it's on top of apache, and I know apache will allow this.