WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network. Check out our latest Quarterly Internet Security Report!
Solved
SSL cert purchase and installation for Cpanel
Posted on 2008-09-30
I'm installing my first certificate (there are others on our server but i did not install them).
I purchased thru SBS an Instant cheap one, since this is just for web forms.
In the end, i get the following WHM error message:
Modulus mismatch, key file does not match certificate. Please use the correct key file
How does one debug something like this?
Is there an overview diagram of:
1. what fields are supposed to match (perhaps when i entered the data, i put an extra space in the street address or something like that) - i cannot tell what is "important" spelling-wise, etc.
2. is there a diagram for where the three certificates (CRT, RSA, CA) are generated?
3. where do (did) i specify whether or not to use "www." prefix?
thanks
I purchased thru SBS an Instant cheap one, since this is just for web forms.
In the end, i get the following WHM error message:
Modulus mismatch, key file does not match certificate. Please use the correct key file
How does one debug something like this?
Is there an overview diagram of:
1. what fields are supposed to match (perhaps when i entered the data, i put an extra space in the street address or something like that) - i cannot tell what is "important" spelling-wise, etc.
2. is there a diagram for where the three certificates (CRT, RSA, CA) are generated?
3. where do (did) i specify whether or not to use "www." prefix?
thanks
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
The modulus is the cryptographic algorithm used to create the public/private keypair. If these do not match then either it got corrupted somehow, or more likely you might have generated another CSR (Certificate Signing Request) or removed the original CSR prior to installing the commercial cert.
When you issue a cert, you do it for the server - when you created it may have just been issued to the server name. It should have been issued to the server's FQDN instead (www.yourdomain.com). If this was not done, you would need to get another cert with the correct name. To double check, open up the cert (just double click it) and look at the general tab - if this matches, great, if not then you might also check the Details tab for Subject Alternate Name to see if there might be other names listed there that might match properly.
If you do need to reissue, don't worry. Most commercial CA's understand that problems happen, just call them up or email them and explain the situation and they will normally work with you to get a new CSR created properly and issue a new cert for free (since you already paid for it before - they would just revoke the bad cert). I haven't heard of one yet that doesn't not operate this way.
http://www.cpanel.net/support/docs/11/cpanel/sec_ssl.html
http://www.cpanel.net/support/docs/11//whm/ssl_tls_install_domain.html
You can also try to delete the SSL Host entry in WHM/cPanel by hitting the delete button under the domain ( Main >> SSL/TLS >> Manage SSL Hosts ).
When you issue a cert, you do it for the server - when you created it may have just been issued to the server name. It should have been issued to the server's FQDN instead (www.yourdomain.com). If this was not done, you would need to get another cert with the correct name. To double check, open up the cert (just double click it) and look at the general tab - if this matches, great, if not then you might also check the Details tab for Subject Alternate Name to see if there might be other names listed there that might match properly.
If you do need to reissue, don't worry. Most commercial CA's understand that problems happen, just call them up or email them and explain the situation and they will normally work with you to get a new CSR created properly and issue a new cert for free (since you already paid for it before - they would just revoke the bad cert). I haven't heard of one yet that doesn't not operate this way.
http://www.cpanel.net/support/docs/11/cpanel/sec_ssl.html
http://www.cpanel.net/support/docs/11//whm/ssl_tls_install_domain.html
You can also try to delete the SSL Host entry in WHM/cPanel by hitting the delete button under the domain ( Main >> SSL/TLS >> Manage SSL Hosts ).
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site. But what to do when you get the error - is it your problem or theirs? What can you …
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant.
Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
- Superb Internet
- Encryption
- E-Commerce
- SSL / HTTPS
- Cybersecurity
- Web Browsers
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment.
To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB.
To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses
Course of the Month11 days, 3 hours left to enroll
618 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.