1

My host has informed me that I need to purchase a dedicated IP from them in order to use a SSL cert I want to buy. I don't believe them. Is there a way to leave them out of the loop and get this done without purchasing the IP?

I've been using a self-signed certificate for SSL but I am now purchasing one so that users don't get scared by the red strikethrough in the https://. Since I'm not generating my own cert, and I don't have root access with my host, I had to ask them for the CSR, and they refuse to do that until I buy the dedicated IP.

I'm using cPanel/WHM and don't have root access, but all the SSL/TLS stuff seems to work except the CSR generator.

brentonstrine
  • 121

1 Answers1

1

Yes, a dedicated IP address is necessary (except for SNI, which isn't supported in Android 2.x or IE 6/7/8, making it essentially unusable right now).

This is because the host name header is sent as part of the encrypted package. As a result, the server only has the IP address being connected to to figure out which virtual host to attempt to process with.

ceejayoz
  • 33,432