asked on
Subdomain SSL Certificates
We have a server hosted with cacloud.com. We have been attempting to set up subdomains for clients to use to log in to one of our web applications. We have created the sub domains on cPanel, and installed the SSL certificate onto the server.
Past employees had properly set up the subdomains previously, but they have since left the company, and we have been unable to properly configure additional subdomains. When we created a new subdomain, and added in the correct redirect, it gives us a blank page with this message when trying to view that subdomain in a web browser:
Sorry, that account does not exist
For example,
bayshoreoptometry.visualbo
is working as intended, while
orangeville.visualbook.ca
is not.
As far as we can tell, both subdomains have been created the same way on cPanel. The only thing we know, is that a senior member had to do something involving the SSL certificates for each subdomain.
Any information you can give us would be great, we are not very experienced in this area.
Past employees had properly set up the subdomains previously, but they have since left the company, and we have been unable to properly configure additional subdomains. When we created a new subdomain, and added in the correct redirect, it gives us a blank page with this message when trying to view that subdomain in a web browser:
Sorry, that account does not exist
For example,
bayshoreoptometry.visualbo
is working as intended, while
orangeville.visualbook.ca
is not.
As far as we can tell, both subdomains have been created the same way on cPanel. The only thing we know, is that a senior member had to do something involving the SSL certificates for each subdomain.
Any information you can give us would be great, we are not very experienced in this area.
SSL / HTTPSApache Web Server
Last Comment
SOTHDEV
ASKER
Sorry if we didn't give enough detail, we gave as much as we know as there was a large knowledge gap between us and the employee that previously worked on this.
I believe we have a wildcard certificate, in the ssl.db file i see *.visualbook.ca, and I remember the previous employees discussing the difficulty of getting the wildcard certificate to work. We have all the sub domains on the same IP, and in the httpd.conf file they're all on the same IP:port.
We have about 4 sub domains that are already all working on the same IP:port, but any new ones we try to set up are not.
I believe we have a wildcard certificate, in the ssl.db file i see *.visualbook.ca, and I remember the previous employees discussing the difficulty of getting the wildcard certificate to work. We have all the sub domains on the same IP, and in the httpd.conf file they're all on the same IP:port.
We have about 4 sub domains that are already all working on the same IP:port, but any new ones we try to set up are not.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
We looked at the bottom of the httpd.conf file, there were 2 includes, a few other includes throughout as well, but all the files that were included were empty files.
We couldn't find an ssl.conf file anywhere on our server either, nor a conf.d directory.
Our httpd.conf file had previously had the <VirtualHost> entries for the new subdomains we set up, but I re-copied them from a working sub domain and changed the info again just to make sure, and the situation didn't change.
We couldn't find an ssl.conf file anywhere on our server either, nor a conf.d directory.
Our httpd.conf file had previously had the <VirtualHost> entries for the new subdomains we set up, but I re-copied them from a working sub domain and changed the info again just to make sure, and the situation didn't change.
where is the httpd.conf file
/etc/httpd/conf/httpd.conf
/etc/apache2/conf/httpd.co
/etc/<match your setup>/conf.d/
What you are looking for is a virtual host entry where it has NameVirtualHost IP Listen 443.
Look at the cpanel setup for the site that works and look at it sub sections if any, look at whether there are two sections, secure web sites, unsecure web sites. etc.
The data might be in a mysql DB......
Navigate through CPANEL and compare the domain references that is working as a basis for the new one you wish to use.
/etc/httpd/conf/httpd.conf
/etc/apache2/conf/httpd.co
/etc/<match your setup>/conf.d/
What you are looking for is a virtual host entry where it has NameVirtualHost IP Listen 443.
Look at the cpanel setup for the site that works and look at it sub sections if any, look at whether there are two sections, secure web sites, unsecure web sites. etc.
The data might be in a mysql DB......
Navigate through CPANEL and compare the domain references that is working as a basis for the new one you wish to use.
ASKER
Our httpd.conf file is
/etc/httpd/conf/httpd.conf
however there is no conf.d/ directory in /etc/httpd/ or /etc/httpd/conf/
We went through all the sub sections in cpanel. There's nothing for secure/unsecure websites, just Security and SSL/TLS. In the SSL/TLS section, the new subdomain is listed, exactly same as the working ones.
We also went through the mySQL databases and couldn't find anything regarding the subdomains, or accounts, etc.
/etc/httpd/conf/httpd.conf
however there is no conf.d/ directory in /etc/httpd/ or /etc/httpd/conf/
We went through all the sub sections in cpanel. There's nothing for secure/unsecure websites, just Security and SSL/TLS. In the SSL/TLS section, the new subdomain is listed, exactly same as the working ones.
We also went through the mySQL databases and couldn't find anything regarding the subdomains, or accounts, etc.
The error you get when visiting deals with user not authorized. There is something missing in your apache configuration. it could be that you exceeded the number of subdomains that can be hosted. From this vantage point I can not say which is the correct answer.
However, you do not get any errors related to the certificate. This is purely a configuration of whether apache will answer your request for the domain you specify.
However, you do not get any errors related to the certificate. This is purely a configuration of whether apache will answer your request for the domain you specify.
ASKER
Thanks for your help Arnold. We found the issue after looking at the places you suggested. It was a database entry configuration issue.
You can only have one dedicated secure site per IP/port combination.
You could use/have multiple secure sites using host headers to differentiate among them but that would require that you have a single certificate with SAN Subject Alternate Names meaning every single subdomain that you want to be secured will have to be referenced/included in the certficate.
If you have multiple IPs, you have to make sure that each subdomain with a certificate is bound to the correct IP
ip1:443 site1
IP2:443 site2
If you only have a single IP, apache will differetiate between them when the connection is http:// unsecure but will not work without the above on the secure site.