Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Is a multi-domain ssl required for Ultimate Rate Topic   * * * * * 1 votes

 
  • novista
  • Senior Member
  • Members
  • Join Date: 14-Jul 11
  • 199 posts

Posted 11 September 2012 - 03:20 PM #1

Hello,

I am prepping to move a second site on to Ultimate. I am told by my ISP that cPanel has one user and one dedicated IP, and therefore one certificate. They are saying that to run Ultimate, I need to get a multi-domain SSL.

Can other Ultimate users tell me how they manage their SSLs, did you need to get a multi-domain ssl?

Thanks.

 
  • Janssen
  • Advanced Member
  • Trial users
  • Join Date: 18-Jul 12
  • 83 posts

Posted 11 September 2012 - 03:29 PM #2

I am still trying to get my SSL to work on Ultimate. Unfortunately there is no answer yet. Really annoying, because I need about 8 websites to work with SSL.

 
  • novista
  • Senior Member
  • Members
  • Join Date: 14-Jul 11
  • 199 posts

Posted 11 September 2012 - 11:42 PM #3

I got a more detailed answer from my ISP. The net is, if you can only have one IP per cPanel, anyone using Ultimate will have to get a multi-domain SSL.

 
  • jjtrottier
  • Junior Member
  • Members
  • Join Date: 25-Jan 11
  • 128 posts

Posted 12 September 2012 - 04:15 AM #4

There is a trick to this. I've done it on my own server running cPanel.

1. Create a cPanel account for every domain you own.
2. Install CS-Cart Ultimate on one of those accounts. Note: This account will be your parent store/root domain.
3. Have your host/ISP override the VirtualHost configuration for apache by pointing the DocumentRoot for each child domain to your parent's cPanel folder. cPanel has a document on how to do this here: http://docs.cpanel.net/twiki/bin/view/EasyApache3/InsideVHost

If done correctly, you can run as many domains as you like with their own SSL certificates. Doing it this way will also protect from cPanel updates overriding your custom apache configuration.

Cheers,

 
  • twist4d
  • Advanced Member
  • Members
  • Join Date: 24-May 12
  • 66 posts

Posted 11 December 2012 - 09:50 PM #5

We are looking at setting Ultimate up for a client. This is very interesting and CS CART should tell you about this in the pre sales info. I was not aware of this issue. All our clients are on Cpanel plans so I have emailed my hosting company and hope they would accomodate this!

If anyone has any extra info on this then please chip in and discuss?

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 12156 posts

Posted 12 December 2012 - 06:53 AM #6

The is no such thing as a multi-domain ssl. There is a wildcard ssl that will work on all sub-domains.
Certs very for the past several years are name based, not ip based. However, cpanel has a limit of one very per account.

EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • novista
  • Senior Member
  • Members
  • Join Date: 14-Jul 11
  • 199 posts

Posted 12 December 2012 - 07:02 AM #7

Perhaps it is a terminology thing. My ISP installed what they called a muti domain ssl and it looks like some of the major companies like Comodo and Geotrust offer them as we'll.

 
  • twist4d
  • Advanced Member
  • Members
  • Join Date: 24-May 12
  • 66 posts

Posted 12 December 2012 - 07:15 AM #8

Hi Novista,

Who is your hosting company. As every one I have approached says that this is not possible and would not be interested in helping.

 
  • twist4d
  • Advanced Member
  • Members
  • Join Date: 24-May 12
  • 66 posts

Posted 12 December 2012 - 07:17 AM #9

If Ultimate is sooooo GREAT a product how do CS CART implement it themselves? Why is this issues not covered in the documentation. My client does not want to spend money on an ecommerce platform with issues like this. Don`t get me wrong CS CART ULTIMATE is great and I would recommend to anyone but this SSL issue for Ultimate set-up is a big issue!

 
  • novista
  • Senior Member
  • Members
  • Join Date: 14-Jul 11
  • 199 posts

Posted 12 December 2012 - 03:19 PM #10

It was not a big deal for me, just something I did not plan for but you are right, a footnote in the documentation would be nice.

My VPS is with Hostgator. They new exactly what I needed and did it. I could have installed it myself but I'm not in that business anymore so I paid the experts.

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 12156 posts

Posted 13 December 2012 - 02:15 AM #11

I do not know of any SSL certificate that ill allow you to certify multiple domains with a single certificate (would kind of defeat the purpose).

Apache is quite capable of having a certificate for each of the domains above and working properly even though they are all on the same IP. cPanel might have a problem with doing it from a single account, but it might be able to do it using the "addon domains" but I don't know how to do it.

If someone could document the method used to configure multiple ssl certificates in a single cPanel account, that would be great.

EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • twist4d
  • Advanced Member
  • Members
  • Join Date: 24-May 12
  • 66 posts

Posted 13 December 2012 - 07:03 AM #12

Have been researching this too. The type of certificate to do this properly would be a UCC Multi domain certificate but its only available at a limited number of hosting companies such as Go Daddy etc. I have spent last couple of days researching and very few hosting companies even support the Vhosts method too.

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 12156 posts

Posted 13 December 2012 - 08:25 AM #13

Looks like ucc certs were designed for Microsoft Exchange. Very expensive. Like $100/yr per domain. Wonder if the cPanel "addon domains" can do the trick with normal certs?

EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 12156 posts

Posted 13 December 2012 - 08:29 AM #14

Sure be nice if helpdesk would chime in here.

EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • twist4d
  • Advanced Member
  • Members
  • Join Date: 24-May 12
  • 66 posts

Posted 17 December 2012 - 12:16 PM #15

TO jjtrottier

IS there a guide you can let us have on how you did this? I`m looking at purchasing a VPS in the next few days with Cpanel installed so would love be able to configure it how you have.

 
  • jjtrottier
  • Junior Member
  • Members
  • Join Date: 25-Jan 11
  • 128 posts

Posted 17 December 2012 - 02:59 PM #16

Hi twist4d

Give me a day or two and I'll try and put something straightforward together for you. Looks like a lot of people could use this guide to get a proper setup.

Will follow-up shortly.

Cheers,

 
  • twist4d
  • Advanced Member
  • Members
  • Join Date: 24-May 12
  • 66 posts

Posted 17 December 2012 - 03:26 PM #17

That would be great :)

 
  • jjtrottier
  • Junior Member
  • Members
  • Join Date: 25-Jan 11
  • 128 posts

Posted 17 December 2012 - 10:25 PM #18

Setting up multiple domains & SSL with CS-Cart Ultimate
** Note this requires SSH access to your server.

Domain A: masterstore.com
Domain B: slavestore.com

1. In WHM, create a cPanel account for masterstore.com. We'll call this username 'master'.
2. Again in WHM, create a cPanel account for slavestore.com. We'll call this username 'slave'.
3. Install CS-Cart Ultimate on the filesystem for master account. Let's do this at the root of public_html.
4. Launch SSH to your server and su to root.
5. Call directory - cd /usr/local/apache/conf/userdata/std/2/
** If for some reason you run apache 1, then replace the 2 in the last directory with 1
6. Create directory slave - or the username of your second store.
7. Call this directory - cd slave.
8. You should now be located in /usr/local/apache/conf/userdata/std/2/slave . Inside this folder, create a file called custom.conf . Launch vim (vi custom.conf).
9. Add the following inside this file:

ServerName slavestore.com
ServerAlias www.slavestore.com <-- optional
DocumentRoot /home/master/public_html
ServerAdmin admin@slavestore.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/slavestore.com combined
CustomLog /usr/local/apache/domlogs/slavestore.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
## User master # Needed for Cpanel::ApacheConf
<IfModule mod_suphp.c>
suPHP_UserGroup master master
</IfModule>
<IfModule concurrent_php.c>
php4_admin_value open_basedir "/home/master:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
php5_admin_value open_basedir "/home/master:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule !concurrent_php.c>
<IfModule mod_php4.c>
php_admin_value open_basedir "/home/master:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
</IfModule>
<IfModule mod_php5.c>
php_admin_value open_basedir "/home/master:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule sapi_apache2.c>
php_admin_value open_basedir "/home/master:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
</IfModule>
</IfModule>
<IfModule !mod_disable_suexec.c>
<IfModule !mod_ruid2.c>
SuexecUserGroup master master
</IfModule>
</IfModule>
<IfModule mod_ruid2.c>
RUidGid master master
</IfModule>
ScriptAlias /cgi-bin/ /home/master/public_html/cgi-bin/

10. Save and exit vim (the file should be saved as /usr/local/apache/conf/userdata/std/2/slave/custom.conf)
11. Run /scripts/verify_vhost_includes
12. Restart apache by typing 'service httpd restart'

** What this does is replaces the original Apache configuration for slavestore.com with the new config above. As you can see, I'm hijacking the original config for this domain and repointing the DocumentRoot for the site to the main CS-Cart Ultimate installation under account master.

** NOTE: You could directly edit your httpd.conf in /etc/httpd/conf/httpd.conf instead of doing this but your custom changes will get overwritten with any future cPanel/WHM updates. As such, cPanel has been nice enough to set aside a specific area in the filesystem to allow for custom VirtualHost configurations. As long as you save your custom configuration in the designated folders, then you should be immune to future updates and your multi-store setup will stay intact.

*** This procedure can be replicated to accommodate multiple SSL certificates. This time, you would create another custom config in /usr/local/apache/conf/userdata/ssl/2/slave and repeat the process.

For more about custom VirtualHost configurations, visit this cPanel article: http://docs.cpanel.n...he3/InsideVHost

Regards,

 
  • twist4d
  • Advanced Member
  • Members
  • Join Date: 24-May 12
  • 66 posts

Posted 18 December 2012 - 07:53 AM #19

Wow jjtrottier

Thats a great guide. I will test today on a demo install for a client. Will be using multiple ssl certificates as well ready to install so will post back when had a go. Thakns again for this.

A note to CS CART!

This is the sort of information we need in the knowledge base or developer docs areas of your site.

Cheers again jjtrottier

T4D

:)

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 12156 posts

Posted 18 December 2012 - 08:42 PM #20

@jtrotter - Okay, so in summary you have 2 (or more) cpanel accounts (one per storefront).
  • The Apache config for each of those is adjusted to use the DocumentRoot of the main Ultimate admin site (they all share the same HTML)
  • Tell Apache to use the user/group of the Ultimate account for each storefront
  • You use a normal SSL cert configured for each cpanel account (storefront).
This all makes sense. Trouble is that the hosting services I use do not have the apache path you specified. I.e. there's not userdata/std path at all. It appears that the conf uses a variety of "include" files that are generated from cPanel. So to change the DocumentRoot and user/group of these sites would require that the cPanel config files are used so that when a new account is created and the httpd.conf is re-created that the changes are not overwritten (or that a special config is used to re-declare the DocumentRoot and user/group for a particular virtual host.

Do you know how to make these changes so that cPanel will not overwrite them?
If an account is saved, I'm concerned that cPanel might overwrite the DocumentRoot and user/gourp for the site(s).
Would be nice to find a cPanel solution to this problem so it could be managed at the account level versus the root level.

EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.