Install a Wildcard SSL Certificate on your VPS or Dedicated Server
Posted by ASO Admin on 20 February 2020 12:50 PM

Installing a wildcard SSL certificate in cPanel isn't super easy and once you have it installed it can be a bit troublesome to take advantage of the wildcard feature.

Some people say that you need a dedicated IP address for every subdomin you want to install SSL on. They might also say that manual edits to the 'httpd.conf' file are needed, or that you shouldn't have any issue with adding subdomains and have them operate with HTTPS.

However, this isn't the case. To install a wildcard SSL on cPanel:

  1. Log in to your WHM account

  2. Navigate to the Security Section, then click SSL/TLS

  3. Under Certificate Signing Requests (CSR) click 'Generate, view or delete SSL certificate signing requests'
    Note: more on CSRs and RSA keys here.

  4. Once the CSR is generated, go ahead and purchase your SSL certificate.
    Note: if you want to order an SSL cert from us, just contact Billing and we'll get it rolling for you. See more info on SSL certificates in our overview article.

  5. When you receive the certificate key, you can now install the certificate; you will need your Certificate Key, Private RSA key, and CA Bundle (Intermediate Certificate) on hand

    Both the Certificate Key and CA Bundle are provided after you order the SSL certificate and it's been approved. The Private RSA Key is provided when you generate the CSR. More info on CSRs and RSAs here.

  6. Log in to cPanel

  7. Click the Install SSL Certificate link

  8. From the Domain dropdown, select the domain that does not have 'www.' in front of it

  9. Now, in doing this, when cPanel generates the block of code in the httpd.conf file, it's going to set the document root to the following:


    And that's ok, but if you want to setup sub domains outside the public_html directory, then the wildcard SSL won't work unless you manually modify the httpd.conf file, which you can't do since it requires root access.

    So, to get around this, we need to use mod_rewrite to redirect requests to the appropriate directory.

  10. When you actually set up a subdomain, you can set the path to the document root, and it's probably best to do something like this:


  11. In the .htaccess file in your public_html directory, for each sub domain that needs an SSL certificate, you will need to add the following:

    RewriteCond %{SERVER_PORT} ^443$
    RewriteCond %{HTTP_HOST} ^sub\.domain\.com$ [NC]
    RewriteCond %{REQUEST_URI} !^/domains/sub\.domain\.com/
    RewriteRule ^(.*)$ /domains/$

    You'll want to replace path with the appropriate data, of course, but it has to reside in the public_html directory (although you could create a symbolic link to a directory outside the public_html directory).


If you're using Magento, you don't have to add anything to your .htaccess file. Simply setup additional stores as parked domains.

(1 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
Full Name:
Help Desk Software by Kayako fusion
ERROR: This domain name (, does not match the domain name in the license key file

For assistance with your license, please contact the Kayako support team: