Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 444
  • Last Modified:

How do I fix a "certificate error" with my web host?

My web host doesn't seem to be able to explain this to me.  I am a small one-person web design company.

When I go to the WHM cpanel from my home computer - MSIE gives me a "certficate error" indicating that it is not safe to proceed.

What, where, how do I fix this?  

Do I have to pay for a certficate?  I do not accept credit cards and neither do any of my clients.

Thanks.
0
aprillougheed
Asked:
aprillougheed
  • 3
  • 2
2 Solutions
 
majidhajaliCommented:
if you are using sharing hosting, you cannot use certificates except your hosting company place a shared certificate for all the users to use that.
so, that certificate may not trusted by your browser.
for solving your problem, open the certificate and select install certificate and place the certificate in trusted root certificate authorities store.
after that, you shouldn't see the error message.
0
 
aprillougheedAuthor Commented:
Where do I "open the certificate" ??   Is that something I do for MSIE?  Like under Internet Options/Tools/Content?  

I see a Certificate with my name on it for "Other People" under Content - but I'm unable to select and remove it.

It is indeed expired.

Surely there is some web site tutorial that explains step by step how to solve this issue.

Thanks.
0
 
majidhajaliCommented:
To view certificates in the MMC snap-in

   1.

      Open a Command Prompt window.
   2.

      Type mmc and press the ENTER key. Note that to view certificates in the local machine store, you must be in the Administrator role.
   3.

      On the File menu, click Add/Remove Snap In.
   4.

      Click Add.
   5.

      In the Add Standalone Snap-in dialog box, select Certificates.
   6.

      Click Add.
   7.

      In the Certificates snap-in dialog box, select Computer account and click Next. Optionally, you can select My User account or Service account. If you are not an administrator of the computer, you can manage certificates only for your user account.
   8.

      In the Select Computer dialog box, click Finish.
   9.

      In the Add Standalone Snap-in dialog box, click Close.
  10.

      On the Add/Remove Snap-in dialog box, click OK.
  11.

      In the Console Root window, click Certificates (Local Computer) to view the certificate stores for the computer.
  12.

      Optional. To view certificates for your account, repeat steps 3 to 6. In step 7, instead of selecting Computer account, click My User account and repeat steps 8 to 10.
  13.

      Optional. On the File menu, click Save or Save As. Save the console file for later reuse.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
RedLondonCommented:
By default, WHM uses a self-signed certificate to secure connections between your PC and the WHM interface on port 2087 (ie https://servername.domain.com:2087/)

Your PC will alert you to the fact that this signature is untrusted because it is not signed by a trusted authority.  You can tell your PC that you trust that certificate and things will work as normal, but ideally your webhost would purchase a proper certificate instead of using WHM's selfsigned one.  This would need cost them no more than about $20 per year, and would mean that neither you nor anyone else using the WHM or cPanel interface via SSL would see the warnings relating to self-signed and untrusted certificates.  The same certificate can be used for secure connections to POP3, SMTP and IMAP services on the server without any warnings about certificate trustworthiness.

A separate issue, irrespective if the SSL cert in use being a self-signed (ie, untrusted) or a proper (ie Thawte, Geotrust, Godaddy, RapidSSL, Comodo, Verisign) certificate is that each certificate has a valid from and a valid until date.  If you try to connect to a secure connection and the certificate is not valid, you will get a warning to that effect.  This could happen if your PC's clock/calendar is wrong (ie the certificate might be valid until December 2011 but if your PC thinks today is 17 Feb 2012 then it will erroneously warn you that the certificate is invalid).

Since you say that you are getting a warning that the SSL cert has expired, you need your webhost to take action.  At no charge they can get the WHM server to regenerate a new self-signed certificate for each of the cPanel, FTP, POP3, IMAP and SMTP services - this will mean new connections see a valid certificate but they will still warn that the certificate was not issued by a trusted authority (ie, the server made it up itself).  For $9.95 (via http://www.namecheap.com/ssl-certificates/geotrust-ssl-certificates.aspx) they can buy a RapidSSL certificate signed by Geotrust which will obviously be valid now (so no expiry date warnings) and since it is signed by a trusted authority, there'd be no untrusted warnings either.

To me, for $9.95pa it's a no brainer.  Irrespective of it being a better solution than a self-signed one, if it saves a host just one support call per year it has paid for itself.  There is no reason why they would not do this.  You cannot do it: the WHM SSL certificate is specific to the server's hostname, not unique to each account on the server, so WHM supports only one certificate.  Only the server administrator can do this.
0
 
aprillougheedAuthor Commented:
Wow.  I wish I could award both answers 500 points.  Just super fantastic brillant answers.

Since I can't give you both 500 points  -- I'll have to split it.

Thank you so very very much.
0
 
aprillougheedAuthor Commented:
Fantastic job!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now