Is a multi-domain ssl required for Ultimate

Hello,



I am prepping to move a second site on to Ultimate. I am told by my ISP that cPanel has one user and one dedicated IP, and therefore one certificate. They are saying that to run Ultimate, I need to get a multi-domain SSL.



Can other Ultimate users tell me how they manage their SSLs, did you need to get a multi-domain ssl?



Thanks.

I am still trying to get my SSL to work on Ultimate. Unfortunately there is no answer yet. Really annoying, because I need about 8 websites to work with SSL.

I got a more detailed answer from my ISP. The net is, if you can only have one IP per cPanel, anyone using Ultimate will have to get a multi-domain SSL.

There is a trick to this. I've done it on my own server running cPanel.


  1. Create a cPanel account for every domain you own.
  2. Install CS-Cart Ultimate on one of those accounts. Note: This account will be your parent store/root domain.
  3. Have your host/ISP override the VirtualHost configuration for apache by pointing the DocumentRoot for each child domain to your parent's cPanel folder. cPanel has a document on how to do this here:[url=“http://docs.cpanel.net/twiki/bin/view/EasyApache3/InsideVHost”] http://docs.cpanel.net/twiki/bin/view/EasyApache3/InsideVHost[/url]



    If done correctly, you can run as many domains as you like with their own SSL certificates. Doing it this way will also protect from cPanel updates overriding your custom apache configuration.



    Cheers,

We are looking at setting Ultimate up for a client. This is very interesting and CS CART should tell you about this in the pre sales info. I was not aware of this issue. All our clients are on Cpanel plans so I have emailed my hosting company and hope they would accomodate this!



If anyone has any extra info on this then please chip in and discuss?

The is no such thing as a multi-domain ssl. There is a wildcard ssl that will work on all sub-domains.

Certs very for the past several years are name based, not ip based. However, cpanel has a limit of one very per account.

Perhaps it is a terminology thing. My ISP installed what they called a muti domain ssl and it looks like some of the major companies like Comodo and Geotrust offer them as we'll.

Hi Novista,



Who is your hosting company. As every one I have approached says that this is not possible and would not be interested in helping.

If Ultimate is sooooo GREAT a product how do CS CART implement it themselves? Why is this issues not covered in the documentation. My client does not want to spend money on an ecommerce platform with issues like this. Don`t get me wrong CS CART ULTIMATE is great and I would recommend to anyone but this SSL issue for Ultimate set-up is a big issue!

It was not a big deal for me, just something I did not plan for but you are right, a footnote in the documentation would be nice.



My VPS is with Hostgator. They new exactly what I needed and did it. I could have installed it myself but I'm not in that business anymore so I paid the experts.

I do not know of any SSL certificate that ill allow you to certify multiple domains with a single certificate (would kind of defeat the purpose).



Apache is quite capable of having a certificate for each of the domains above and working properly even though they are all on the same IP. cPanel might have a problem with doing it from a single account, but it might be able to do it using the “addon domains” but I don't know how to do it.



If someone could document the method used to configure multiple ssl certificates in a single cPanel account, that would be great.

Have been researching this too. The type of certificate to do this properly would be a UCC Multi domain certificate but its only available at a limited number of hosting companies such as Go Daddy etc. I have spent last couple of days researching and very few hosting companies even support the Vhosts method too.

Looks like ucc certs were designed for Microsoft Exchange. Very expensive. Like $100/yr per domain. Wonder if the cPanel “addon domains” can do the trick with normal certs?

Sure be nice if helpdesk would chime in here.

TO jjtrottier



IS there a guide you can let us have on how you did this? I`m looking at purchasing a VPS in the next few days with Cpanel installed so would love be able to configure it how you have.

Hi twist4d



Give me a day or two and I'll try and put something straightforward together for you. Looks like a lot of people could use this guide to get a proper setup.



Will follow-up shortly.



Cheers,

That would be great :)

Setting up multiple domains & SSL with CS-Cart Ultimate

** Note this requires SSH access to your server.



Domain A: masterstore.com

Domain B: slavestore.com


  1. In WHM, create a cPanel account for masterstore.com. We'll call this username 'master'.
  2. Again in WHM, create a cPanel account for slavestore.com. We'll call this username 'slave'.
  3. Install CS-Cart Ultimate on the filesystem for master account. Let's do this at the root of public_html.
  4. Launch SSH to your server and su to root.
  5. Call directory - cd /usr/local/apache/conf/userdata/std/2/

    ** If for some reason you run apache 1, then replace the 2 in the last directory with 1
  6. Create directory slave - or the username of your second store.
  7. Call this directory - cd slave.
  8. You should now be located in /usr/local/apache/conf/userdata/std/2/slave . Inside this folder, create a file called custom.conf . Launch vim (vi custom.conf).
  9. Add the following inside this file:



    ServerName slavestore.com

    ServerAlias www.slavestore.com ← optional

    DocumentRoot /home/master/public_html

    ServerAdmin admin@slavestore.com

    UseCanonicalName Off

    CustomLog /usr/local/apache/domlogs/slavestore.com combined

    CustomLog /usr/local/apache/domlogs/slavestore.com-bytes_log “%{%s}t %I .\n%{%s}t %O .”

    User master # Needed for Cpanel::ApacheConf



    suPHP_UserGroup master master





    php4_admin_value open_basedir “/home/master:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp”

    php5_admin_value open_basedir “/home/master:/usr/lib/php:/usr/local/lib/php:/tmp”







    php_admin_value open_basedir “/home/master:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp”





    php_admin_value open_basedir “/home/master:/usr/lib/php:/usr/local/lib/php:/tmp”





    php_admin_value open_basedir “/home/master:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp”









    SuexecUserGroup master master







    RUidGid master master



    ScriptAlias /cgi-bin/ /home/master/public_html/cgi-bin/


  10. Save and exit vim (the file should be saved as /usr/local/apache/conf/userdata/std/2/slave/custom.conf)
  11. Run /scripts/verify_vhost_includes
  12. Restart apache by typing 'service httpd restart'



    ** What this does is replaces the original Apache configuration for slavestore.com with the new config above. As you can see, I'm hijacking the original config for this domain and repointing the DocumentRoot for the site to the main CS-Cart Ultimate installation under account master.



    ** NOTE: You could directly edit your httpd.conf in /etc/httpd/conf/httpd.conf instead of doing this but your custom changes will get overwritten with any future cPanel/WHM updates. As such, cPanel has been nice enough to set aside a specific area in the filesystem to allow for custom VirtualHost configurations. As long as you save your custom configuration in the designated folders, then you should be immune to future updates and your multi-store setup will stay intact.



    *** This procedure can be replicated to accommodate multiple SSL certificates. This time, you would create another custom config in /usr/local/apache/conf/userdata/ssl/2/slave and repeat the process.



    For more about custom VirtualHost configurations, visit this cPanel article: [url=“http://docs.cpanel.net/twiki/bin/view/EasyApache3/InsideVHost”]http://docs.cpanel.net/twiki/bin/view/EasyApache3/InsideVHost[/url]



    Regards,

Wow jjtrottier



Thats a great guide. I will test today on a demo install for a client. Will be using multiple ssl certificates as well ready to install so will post back when had a go. Thakns again for this.



A note to CS CART!



This is the sort of information we need in the knowledge base or developer docs areas of your site.



Cheers again jjtrottier



T4D



:)

@jtrotter - Okay, so in summary you have 2 (or more) cpanel accounts (one per storefront). [list]

[]The Apache config for each of those is adjusted to use the DocumentRoot of the main Ultimate admin site (they all share the same HTML)

[
]Tell Apache to use the user/group of the Ultimate account for each storefront

[*]You use a normal SSL cert configured for each cpanel account (storefront).

[/list]

This all makes sense. Trouble is that the hosting services I use do not have the apache path you specified. I.e. there's not userdata/std path at all. It appears that the conf uses a variety of “include” files that are generated from cPanel. So to change the DocumentRoot and user/group of these sites would require that the cPanel config files are used so that when a new account is created and the httpd.conf is re-created that the changes are not overwritten (or that a special config is used to re-declare the DocumentRoot and user/group for a particular virtual host.



Do you know how to make these changes so that cPanel will not overwrite them?

If an account is saved, I'm concerned that cPanel might overwrite the DocumentRoot and user/gourp for the site(s).

Would be nice to find a cPanel solution to this problem so it could be managed at the account level versus the root level.