Having fought with this issue myself for some time... Here is how I solved it:
Create a subdomain that is different than your CWP hostname and make sure that you have NS records for it that point to your CWP nameservers.
So for example - if you use cwp.example.com for the hostname, make another subdomain like cp.example.com
Create a new account in CWP for that subdomain - cp.example.com
Assign your SSL certificate, like you would for another user, to that account and domain in the SSL certificate manager in Apache settings.
Then edit /usr/local/cwpsrv/conf.d/cwp-ssl.conf
Listen 2031
<VirtualHost 192.168.0.1:2031>
ServerName 192.168.0.1
SSLEngine on
SSLCertificateKeyFile /etc/pki/tls/cwp-192.168.0.1.key
SSLCertificateFile /etc/pki/tls/cwp-192.168.0.1.cert
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>
Replace the IP address and certificate locations with your subdomain and certificate locations from the account you created:
Listen 2031
<VirtualHost cp.example.com:2031>
ServerName cp.example.com
SSLEngine on
SSLCertificateKeyFile /etc/pki/tls/private/cp.example.com.key
SSLCertificateFile /etc/pki/tls/certs/cp.example.com.cert
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>
Save the file and then restart CWP:
service cwpsrv restart
Now your ssl should work on that subdomain with the login page.
I tried to do this with the hostname I used, but I could never overcome the ssl_protocol errors I would get when I tried to visit the address.
The downside of this is that you have to create a separate account and subdomain.
Hopefully, this helped someone out there struggling to get this working as expected.