SSL Certificate with Multi Site Install and Secure Pages
| Project: | Secure Pages |
| Version: | 5.x-1.6 |
| Component: | Code |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
I am not sure if this is the best place to ask the question but since Secure Pages requires the server to have an SSL, I figured someone may have the answer here.
Anyways, I have a site under the multi install of Drupal, so the site is located at public_html/sites/example.com and the main domain located at public_html (where drupal is installed) and the main domain has the SSL. When I install the module on the multi domain (public_html/sites/example.com) it finds the SSL and everything works just fine except:
It warns that the certificate is associated with another domain address (the main domain). This is a huge problem specifically in IE because it basically tells the person to avoid the site.
I have tried creating my own SSL ("an untrusted certificate") through Cpanel with the second site's domain but the Secure Pages or just the site continues to use the SSL for the main domain.
Does anyone know how to get around this certificate issue with Multi Domain install?
Also, the secondary sites are PARKED (ex.. site2.maindomain.com) to access the same drupal install.
#1
Each SSL site must have separate IP address - is this the case?
#2
I don't believe that would be the case because in a Multi Site Install every site uses the same drupal code, there for the same IP.
Plus, its not warning me about in IP its just saying the SSL is licensed to another Domain, so I need the license to have multiple domains accepted OR probably more likely have the browser believe the parked domain IS the same as the main domain. I was reading about a possible Mod_rewrite but not sure how to do it or if that is even the solution.
#3
SSL certificate is issued to only one domain name. (even yoursite.com and www.yoursite.com need different certificates)
What you can do is redirect user from parked domain to the main domain, which has correct certificate and would not raise any warnings
#4
How would I go about redirecting to the main domain?
The problem there is I don't want the viewer to leave the site they are on.
I tried creating a SSL certificate for the second/parked domain ("untrusted"), but it won't find the second SSL. It just reads the original on the main domain.
#5
You're trying to reach unreachable goal. You cannot redirect and remain on the same site simultaniously :)
Once again:
a) you cannot install more than one certificate on sites sharing the same IP address. Parked domains simply point to the main domain, so they use the same IP for sure.
b) if you have domains a.com (main) and b.com (parked), there is no way to install certificate for a.com and display https://b.com without warning. You can do nothing about it. Solution is to check if visitor typed https://b.com/something.html (just an example) and redirect him in this case to https://a.com/something.html
#6
I was afraid of that and was in denial. You can always hope, right?
Thanks for your help.