LogoفارسیFA

How Service Subdomains Use the cPanel Service SSL and How Subaccounts Set Their Initial Password

This article explains how service subdomains in cPanel & WHM use the cPanel service SSL certificate and how administrators can bypass this behavior if needed. It also describes the user experience when a Subaccount is invited to set its initial password through the User Manager interface.

cPanel service SSLservice subdomainsSubaccount password setup

~3 min read • Updated Feb 17, 2026

1. How Service Subdomains Use the cPanel Service SSL


cPanel & WHM updated Apache’s configuration to ensure that service subdomains (also known as proxy subdomains) properly handle SSL and non‑SSL connections. Each service subdomain now has separate virtualhosts for secure and non‑secure traffic.


1.1 How the New System Works


  • Each service subdomain has its own SSL and non‑SSL virtualhost.
  • Each virtualhost binds to all IP addresses assigned to the server.
  • SSL virtualhosts for cpanel, whm, webdisk, and webmail use the cPanel service SSL certificate.
  • SNI is enabled by default, allowing multiple SSL certificates on a single IP and port.

1.2 Result of These Changes


If a website does not have its own SSL certificate, Apache will use the cPanel service SSL certificate. This may cause visitors to see SSL warnings because the certificate does not match the domain.


2. How to Bypass the Use of Service Subdomains and the cPanel Service SSL


Warning: Bypassing service subdomain behavior is not recommended.


Steps to Disable Service Subdomains:


  • Disable Service Subdomains in:
    WHM » Home » Server Configuration » Tweak Settings
  • Manually create each service subdomain in:
    cPanel » Home » Domains » Domains
  • Redirect each service subdomain to the correct secure URL:

Required Redirects:


  • cPanel → https://example.com:2083
  • WHM → https://example.com:2087
  • WebDisk → https://example.com:2078
  • Webmail → https://example.com:2096

After this configuration, for example, navigating to webmail.example.com redirects the user to https://example.com:2096 and uses the domain’s SSL certificate instead of the cPanel service SSL.


3. Subaccount Initial Password Setup Guide


When creating a Subaccount in the User Manager, you can require the user to set their own initial password. This section explains what the Subaccount user experiences.


3.1 Invitation Process


  • Create a Subaccount and select The user will set the account password.
  • The Subaccount user receives a welcome email containing a password‑setup link.

Example Email:


From: cPanel for example on example.com
Subject: Welcome to your new account
Your new account username is [email protected]
Set your password at:
https://server.example.com:2083/[email protected]&cookie=xxxx

3.2 User Password Setup


  • The user clicks the link in the email.
  • The cPanel interface prompts them to enter a new password.
  • They confirm the password and click Set Password.
  • The system confirms the update and displays the Subaccount’s active services.

Conclusion


Service subdomains rely on the cPanel service SSL certificate by default, ensuring consistent SSL behavior across core services. Administrators can bypass this behavior if necessary by manually configuring service subdomains. Additionally, the Subaccount password setup process provides a simple and secure onboarding experience for new users.


Written & researched by Dr. Shahin Siami

Next Article