SSL certificates on websites are now the norm. They are also useful for subdomains, such as testing environments etc. This post looks at using unlimited ssl subdomains in cpanel, whilst optionally using cloudflare. It doesn’t have to be hard to set up, but there are some requirements to keep in mind.
Prerequisites
For hosting, you’ll need (obviously) a cpanel account with ‘AutoSSL’ enabled. At the time of writing, this will allow you to easily self-sign multiple domains & subdomains using Let’sEncrypt SSL certificates. You won’t need to mess around with certificate signing, verifying keys or anything. Check with your hosting provider if you’re not sure whether you have AutoSSL enabled. You’ll also need to be relatively familiar with setting things up in cPanel.
(Optional) cloudflare setup
If your domain goes through cloudflare, you’ll need to ensure that your subdomain and SSL/TLS configuration is set up correctly.
Under SSL/TLS > Overview menu, make sure you have your encryption mode set to full. This will ensure that cloudflare doesn’t get in the way of the SSL you’re going to be using on your server:
Don’t forget to also add your subdomain under dns > records. Add one for each subdomain you want to have:
‘Name’ is the name of your subdomain, so in my example it would be test.yourdomain.com. theIPv4 address is the ip address of your cpanel hosting server. This should be clearly visible in your cPanel hosting login area. If not sure, check with your hosting provider.
If you can access your website and you’re getting an insecure connection warning (i.e it’s using http rather than https) then you can force https on cloudflare by going to SSL/TLS > Edge Certificates and enabling this option:
Otherwise you’ll need to modify your .htaccess file in your cPanel account for your website.
Set up a subdomain in cPanel
On your main cPanel control panel you’ll want to do the following:
- click on domains
- click the Create a new Domain button
- type in the box the domain that you want to create. This should include your subdomain, so for example test.yourdomain.com
- uncheck the share document root checkbox
- you will need to specify a folder where your subdomain files live. Ideally this should be a different folder to where your main website lives.
- click the submit button
Once this is done, AutoSSL should just set up the certificate for you automatically. You can check the status in the cPanel control panel by going to Security > SSL/TLS Status. On the status page, type in your domain to filter the results. Your subdomain should already be listed and should have this next to it:
If, for any reason there are any issues, try clicking on the Run AutoSSL button which will trigger another automatic signing of certificates. Hopefully this should resolve most issues with adding unlimited ssl subdomains in cpanel.
Troubleshooting
The SSL page in cPanel shows this error: The installed certificate does not cover this domain. The certificate will renew via AutoSSL, but this domain will be excluded. This is probably because you set your subdomain directory to be the same as your main website. You’ll need your subdomain to be in a completely different folder. For example:
- /hostingdirectory/test.yourdomain.com/public_html
- /hostingdirectory/yourdomain.com/public_html
The SSL page in cPanel shows this error: DNS DCV: No local authority: ‘test.yourdomain.com’; HTTP DCV: ‘test.yourdomain.com’ does not resolve to any IP addresses on the internet. Double check you have things set up correctly in cloudflare. Note that there may be a delay with cloudflare due to caching.
Note that any change that’s made on the SSL page in cPanel, will need a configuration refresh by clicking on the Run AutoSSL button again. You can do this to resolve the DNS error above, once you have made the changes in cloudflare.
Final note: in case your website is setup with WordPress, check out this article: WordPress HTTPS Redirect Problem? Destroy it Like a Boss