Adding LetsEncrypt certs to a cPanel account with more than 100 domains using AutoSSL

We recently had to add Let’s Encrypt SSL certs to a cpanel account which contained over 100 parked domains (or domain aliases, as they are now called)

The problem is that Lets Encrypt has a 100 domain limit for SAN certs (multiple domains on the same certificate). In reality that limit is 50, because you have to issue certs for both the non-www and www versions of the domain to ensure effective non-www to www redirect (or vice versa)

The WHM AutoSSL function adds an SSL certificate for each Apache virtual host. Parked domains are included in the account domain’s virtual host, so AutoSSL will try to add all the parked domains to the same SSL certificate, adding as many as it can before the domain limit is reached.

However if you add each domain to the account as an add-on domain, cPanel creates an Apache virtual host for each add on domain, and AutoSSL will issue a seperate certificate for each host.

So the solution in our case, was to remove all our parked domains, and turn them into add-on domains pointing at the account domain’s web root.

Comments are closed.