So I have a dedicated server and it’s running a WHM on CENT OS.
I have many domains hosted on it, each with it’s own cPanel.
I don’t want SSL when you access the website, but when I access the domain cpanel it says that the connection is not secure and that I must proceed through an unsecure one if I want to continue.
Can I fix this by installing a single SSL ? The nameservers are all on our main domain, will installing SSL to it fix it for all other domains ?
Or can I install an SSL to the server itself ?
Can you please explain, and guide me into what I have to do to get a free SSL with Let’s Encrypt ? I’m kind of confused
If you want to have it so that it works for every domain, you will need to add all the domainnames as SAN’s on the same certificate ( which is OK if you aren’t going to add / remove domains very often, but easier just to use the server name if these are likely to change )
This server could not prove that it is domain.com; its security certificate is from fex2.servername.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
I see that I must install certbot ? I ended up on this page https://certbot.eff.org/#centosrhel6-apache but these strings $ sudo yum install epel-release I have no idea where to execute it !
The users could login using the server name, and their username / password, however I agree id they don't know the servername, and only their domain name then you ideally need to use a certificate for their domain ( personally I give them instructions to use the servername to access their cpanel - but understand you are not doing it that way )
You could do a redirect on anotherdomain/cpanel to go to https ://fex2.servername.com:2083 which is probably the next easiest solution ( and would redirect them to the secure server login for their domain )
You can obtain a certificate with up to 100 SANs (alternate names) on it, and use that - if 100 domains is sufficient for your server ( so 50 domains with and without www. ) If the domains you host change over time though, this can become tricky to manage (which is why I don't use that method)
You can add an SSL cert on for every domain on the server ( but the /cpanel will still I think get redirected to the sever name / cert )
You either need to install certbot ( the official client) or one of the alternate clients in order to obtain a certificate, yes.
the "sudo yum ..... " commands are shell commands, so you need to SSH into your server to get to the prompt for these commands.
One other option, cpanel are currently working on integrating LetsEncrypt into cpanel, which I understand is due for the next main release ... so if waiting a couple of months isn't too long there may be an easy option for you once they have officially integrated it.