The previous version of TLS which we used with all our servers didn’t recognize HTTPS requests that contained a domain name. It only worked correctly only if an IP address was “asked”. Thus, it was a requirement to have a dedicated IP for each domain that used a secured connection.
Now, with the cPanel version 11.38 and higher, we are able to use SNI.
Server Name Indication (SNI) is an extension to the TLS protocol that indicates what hostname the client is attempting to connect.
This allows a server to present multiple certificates on the same IP address and port number and hence, allows multiple secure (HTTPS) websites (or any other service over TLS).
However, unfortunately, there are a few issues that might appear:
SNI is incompatible with some old versions of web browsers.*
The website will still be available via HTTPS, but a certificate mismatch error will appear.
Ways to resolve the issue: Use a different browser to access the website. Also, if the visitor agrees to use another certificate with an incompatible browser, the requested site will open up normally via HTTPS, but a different certificate will be used to establish a secured connection. On the contrary, all the visitors with incompatible browsers will see a warning message.
If you try to gain HTTPS access using a server IP address, issues might appear.
Using the IP address, the client will receive our “default” certificate which is set for each IP on the server (e.g., serverX.web-hosting.com) and reach the first site hosted on this IP, if an HTTPS request does not have the name of the site specified.
Way to resolve the issue: order a dedicated IP address and assign it to this domain.
If SNI works for you, we will install an SSL without ordering a dedicated IP address.
However, if you require a dedicated IP for your cPanel account, please submit a ticket to our Billing department via our helpdesk.
*The list of browsers that support SNI: