Setting up an SSL Certificate for a Subdomain

This article is intended for Web Site Administrators with full control of a dedicated server, running Apache, WHM, and cPanel for account management. Setting up an SSL Certificate for a Domain should always be performed by a knowledgable web server administrator. If you are not the server administrator, please submit a ticket requesting the installation of your new SSL certificate.

The goal of this article is to explain a process for installing an SSL certificate for a website subdomain, where the primary domain already has a valid certificate. Because each certificate requires having a unique IP address, and typically one one IP address is assigned to a domain (including subdomains), the process for installing the SSL certificate is a liittle complicated.


How to Setup an SSL Certificate for a Subdomain using a Standard Single-Site SSL Certificate.

For this example, our website is DOMAIN.COM, which already has a SSL cert. We want another cert for the subdomain. Every cert requires a unique IP address in order to function / install. We assume in these steps that you have:

  1. A functioning DOMAIN.COM
  2. "Generated" a CSR for SUBDOMAIN.DOMAIN.COM
  3. Bought your SSL certificate for SUBDOMAIN.DOMAIN.COM
  4. Received your "CA BUNDLE" from the company issuing the SSL Certificate

  • Step 1: In the DOMAIN.COM cPanel, Create the subdomain you are going to use ( SUBDOMAIN.DOMAIN.COM )
  • Step 2: In Servers WHM, "Add a DNS Zone" by specifying a unique IP address and the full subdomain URL ( SUBDOMAIN.DOMAIN.COM ). You MUST use a UNIQUE IP address for every SSL certificate you install, even if they are for the same DOMAIN.
  • Step 3: In Servers WHM, "Edit DNS Zone" edit the DNS zone you just created and remove the CNAME records (mail, www, and ftp)
  • Step 4: Login using SHELL access to your server and edit your Apache "httpd.conf" file ( /usr/local/apache/conf/httpd.conf ). Search for the line that reads "SUBDOMAIN.DOMAIN.COM" and edit the VirtualHost tag to read the correct IP address. VirtualHost XX.XX.XX.XX:80
  • Step 5: Restart your Apache by typing "httpd restart". At this point, you should be able to load SUBDOMAIN.DOMAIN.COM in your browser. If that doesn't work, try pinging the address SUBDOMAIN.DOMAIN.COM and debug from there. With the DNS zone created, and the httpd.conf file modified, you should have a unique IP address resolving on the server, and the public html being served from the primary domain account (subdomain folder - ie: /home/domain/public_html/subdomain)
  • Step 6: In Servers WHM, "Install a SSL Certificate and Setup the Domain" - paste the .CRT code you received from your Certificate Issuer. The server should find the certificate for the domain that you previously created (before purchasing) and locate the appropriate .key and ca bundle data. Submit to Install. 
You should receive an OK result.You should now have a working SSL Certificate for your subdomain.
  • 11 Users Found This Useful
Was this answer helpful?

Related Articles

Delete Mail from All User Accounts

If you ever find yourself in a position where you need to quickly delete all messages from the...

How to set HTML files to run PHP Code

Sometimes it can be beneficial to include PHP code within your HTML files.  Typically you...

Backup & Restore MySQL Database Tables

To backup and restore a MySQL database with all tables from a command prompt: To Backup the...

Mass File Renaming

This little snippet will help you to rename a list of files with a .xhtml extension to a .html...

cPanel phpMyAdmin - Setting Default Theme

To define the default theme within phpMyAdmin on a cPanel/WHM server you will add the following...

Disqus this...

comments powered by Disqus