Avatar of SOTHDEV
 asked on

Subdomain SSL Certificates

We have a server hosted with cacloud.com. We have been attempting to set up subdomains for clients to use to log in to one of our web applications. We have created the sub domains on cPanel, and installed the SSL certificate onto the server.

Past employees had properly set up the subdomains previously, but they have since left the company, and we have been unable to properly configure additional subdomains. When we created a new subdomain, and added in the correct redirect, it gives us a blank page with this message when trying to view that subdomain in a web browser:

Sorry, that account does not exist

For example,
is working as intended, while
is not.

As far as we can tell, both subdomains have been created the same way on cPanel. The only thing we know, is that a senior member had to do something involving the SSL certificates for each subdomain.

Any information you can give us would be great, we are not very experienced in this area.
SSL / HTTPSApache Web Server

Avatar of undefined
Last Comment

8/22/2022 - Mon

You need to be more detailed on your issue.
You can only have one dedicated secure site per IP/port combination.
You could use/have multiple secure sites using host headers to differentiate among them but that would require that you have a single certificate with SAN Subject Alternate Names meaning every single subdomain that you want to be secured will have to be referenced/included in the certficate.

If you have multiple IPs, you have to make sure that each subdomain with a certificate is bound to the correct IP
ip1:443 site1
IP2:443 site2

If you only have a single IP, apache will differetiate between them when the connection is http:// unsecure but will not work without the above on the secure site.

Sorry if we didn't give enough detail, we gave as much as we know as there was a large knowledge gap between us and the employee that previously worked on this.

I believe we have a wildcard certificate, in the ssl.db file i see *.visualbook.ca, and I remember the previous employees discussing the difficulty of getting the wildcard certificate to work. We have all the sub domains on the same IP, and in the httpd.conf file they're all on the same IP:port.

We have about 4 sub domains that are already all working on the same IP:port, but any new ones we try to set up are not.

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.

We looked at the bottom of the httpd.conf file, there were 2 includes, a few other includes throughout as well, but all the files that were included were empty files.

We couldn't find an ssl.conf file anywhere on our server either, nor a conf.d directory.

Our httpd.conf file had previously had the <VirtualHost> entries for the new subdomains we set up, but I re-copied them from a working sub domain and changed the info again just to make sure, and the situation didn't change.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes

where is the httpd.conf file

/etc/<match your setup>/conf.d/

What you are looking for is a virtual host entry where it has NameVirtualHost IP Listen 443.

Look at the cpanel setup for the site that works and look at it sub sections if any, look at whether there are two sections, secure web sites, unsecure web sites. etc.

The data might be in a mysql DB......

Navigate through CPANEL and compare the domain references that is working as a basis for the new one you wish to use.

Our httpd.conf file is
however there is no conf.d/ directory in /etc/httpd/ or /etc/httpd/conf/

We went through all the sub sections in cpanel. There's nothing for secure/unsecure websites, just Security and SSL/TLS. In the SSL/TLS section, the new subdomain is listed, exactly same as the working ones.

We also went through the mySQL databases and couldn't find anything regarding the subdomains, or accounts, etc.

The error you get when visiting deals with user not authorized.  There is something missing in your apache configuration.  it could be that you exceeded the number of subdomains that can be hosted.  From this vantage point I can not say which is the correct answer.

However, you do not get any errors related to the certificate.  This is purely a configuration of whether apache will answer your request for the domain you specify.
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.

Thanks for your help Arnold. We found the issue after looking at the places you suggested. It was a database entry configuration issue.