Setting up an SSL Certificate for a Subdomain

This article is intended for Web Site Administrators with full control of a dedicated server, running Apache, WHM, and cPanel for account management. Setting up an SSL Certificate for a Domain should always be performed by a knowledgable web server administrator. If you are not the server administrator, please submit a ticket requesting the installation of your new SSL certificate.

The goal of this article is to explain a process for installing an SSL certificate for a website subdomain, where the primary domain already has a valid certificate. Because each certificate requires having a unique IP address, and typically one one IP address is assigned to a domain (including subdomains), the process for installing the SSL certificate is a liittle complicated.

How to Setup an SSL Certificate for a Subdomain using a Standard Single-Site SSL Certificate.

For this example, our website is DOMAIN.COM, which already has a SSL cert. We want another cert for the subdomain. Every cert requires a unique IP address in order to function / install. We assume in these steps that you have:

  1. A functioning DOMAIN.COM
  2. "Generated" a CSR for SUBDOMAIN.DOMAIN.COM
  3. Bought your SSL certificate for SUBDOMAIN.DOMAIN.COM
  4. Received your "CA BUNDLE" from the company issuing the SSL Certificate

  • Step 1: In the DOMAIN.COM cPanel, Create the subdomain you are going to use ( SUBDOMAIN.DOMAIN.COM )
  • Step 2: In Servers WHM, "Add a DNS Zone" by specifying a unique IP address and the full subdomain URL ( SUBDOMAIN.DOMAIN.COM ). You MUST use a UNIQUE IP address for every SSL certificate you install, even if they are for the same DOMAIN.
  • Step 3: In Servers WHM, "Edit DNS Zone" edit the DNS zone you just created and remove the CNAME records (mail, www, and ftp)
  • Step 4: Login using SHELL access to your server and edit your Apache "httpd.conf" file ( /usr/local/apache/conf/httpd.conf ). Search for the line that reads "SUBDOMAIN.DOMAIN.COM" and edit the VirtualHost tag to read the correct IP address. VirtualHost XX.XX.XX.XX:80
  • Step 5: Restart your Apache by typing "httpd restart". At this point, you should be able to load SUBDOMAIN.DOMAIN.COM in your browser. If that doesn't work, try pinging the address SUBDOMAIN.DOMAIN.COM and debug from there. With the DNS zone created, and the httpd.conf file modified, you should have a unique IP address resolving on the server, and the public html being served from the primary domain account (subdomain folder - ie: /home/domain/public_html/subdomain)
  • Step 6: In Servers WHM, "Install a SSL Certificate and Setup the Domain" - paste the .CRT code you received from your Certificate Issuer. The server should find the certificate for the domain that you previously created (before purchasing) and locate the appropriate .key and ca bundle data. Submit to Install. 
You should receive an OK result.You should now have a working SSL Certificate for your subdomain. <<<<<<< HEAD

Was this answer helpful?

 Print this Article

Disqus this...

comments powered by Disqus

or Comment on Facebook

  • Email, SSL
  • 11 Users Found This Useful
Was this answer helpful?
>>>>>>> v7.2.3-release.1

Related Articles

Creating a Backup using the TAR Command

One of the most common commands you will discover when dealing with a hosting server is the TAR...

Mass File Renaming

This little snippet will help you to rename a list of files with a .xhtml extension to a .html...

Converting a Database from latin1 to UTF-8

These instructions will work for any MySQL database installed on a Linux server.  These...

Clearing Brute Force Lockout

Clearing a Brute Force Lockout Record from WHM on Apache - this requires root access to the...

Common Linux Shell Command Reference

Finding Files larger than X in size If you want to find files larger than 10mb:find . -size...