1. cPanel & WHM Documentation
  2. cPanel Knowledge Base
  3. cPanel Product
  4. Service Subdomains Use the cPanel Service SSL
ssl domains whmadvanced

Service Subdomains Use the cPanel Service SSL

Last modified: 2024 February 19

Overview

We modified Apache’s configuration to properly use service subdomains (proxy subdomains) with SSL.

  • Service subdomain (proxy subdomain) virtualhosts now handle SSL and non-SSL connections separately.

  • Each service subdomain’s (proxy subdomain’s) virtualhost explicitly binds to all of the assigned IP addresses on a server.

  • SSL virtualhost configurations — such as the cpanel, whm, webdisk, and webmail service subdomains (proxy subdomains) — use the cPanel service SSL certificate.

cPanel & WHM enables SNI functionality by default for SSL certificates on service subdomains (proxy subdomains). SNI allows multiple SSL certificates to use a single IP address and port number.

Due to these changes, Apache uses cPanel’s service SSL certificate to secure websites that do not have an SSL certificate. Visitors to sites without an SSL certificate may see an SSL warning, because Apache used cPanel’s service SSL certificate to secure the site.

How to bypass the use of service subdomains (proxy subdomains) and the cPanel service SSL certificate

Warning:
We recommend that you do not bypass your server’s service subdomain (proxy subdomain) configuration.

To prevent the use of the cPanel service SSL certificate for the cpanel, whm, webdisk, and webmail subdomains, you must perform the following steps:

  1. Disable the Service subdomains setting in the Domains section of WHM’s Tweak Settings interface (WHM » Home » Server Configuration » Tweak Settings).

  2. Use cPanel’s Domains interface (cPanel » Home » Domains » Domains) to manually create each service’s subdomain (for example, cpanel, whm, webdisk, and webmail).

  3. Redirect each service’s subdomain to the appropriate secure URL and port as follows:

    • cPanel: cpanel.example.com to https://example.com:2083

    • WHM: whm.example.com to https://example.com:2087

    • Web Disk: webdisk.example.com to https://example.com:2078

    • Webmail: webmail.example.com to https://example.com:2096

When you navigate to webmail.example.com, the server redirects you to https://example.com:2096 and uses the example.com domain’s SSL certificate to secure the connection.

Additional Documentation