Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SSL Inatallation for cPanel server not working

Posted on 2015-02-08
6
Medium Priority
?
164 Views
Last Modified: 2015-02-08
I have a problem that could be just stupidity on my part but would be good to resolve if possible.

I run several cPanel servers (VPS) for customers of mine and generally they are web servers. Each one of them has cPanel installed with WHM with proper cPanel licence.

I want my customers to know that they are secure when they access the server for their cPanel access, so have purchased and installed commercial certificates (COMODO Essential or Trustwave). However, when I install them, and although the server comes up with "SUCCESS" and a box that says all is done, when I go to the server, I get the HTTPS:// but with a line through it which then says (on some of the servers) untrusted self-signed certificate or (on others) just that the certificate is not trusted. See pic

dee-SSL-Cert.jpg
I have installed the ca_bundle as well on my last purchase, which is from COMODO but this is no different.
The server is at: https://dee.tgis.co.uk:2087 for the WHM installation.

Can anyone help point me in the right direction so that I can resolve this issue?

Any help gratefully received.

Cheers
Chris
0
Comment
Question by:kenwardc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 

Author Comment

by:kenwardc
ID: 40597009
If it'll help, you'll notice that the expiry date above appears to be for a self-signed certificate but this new embedded pic shows that it's expiry should be 2016-02-07 and that it's a commercial SSL.

dee-SSL-Cert2.jpg
When I install, this is the screen I see:

dee-SSL-Cert3.jpg
When I elect to install, this is the "success" result:

dee-SSL-Cert4.jpg
Cheers
Chris
0
 
LVL 11

Accepted Solution

by:
RedLondon earned 2000 total points
ID: 40597045
I think you're installing the SSL cert for Apache to use

Aren't you then saying that the SSL presented on WHM, cPanel and POP/IMAP connections is self-signed?

If so, you need to install the SSL cert in WHM using the Manage Service SSL Certificates page inside Service Configuration - see https://dee.tgis.co.uk:2087/scripts2/manageservicecrts
0
 

Author Comment

by:kenwardc
ID: 40597162
RedLondon - you are a star. BANG ON - it's now working on DEE. Thank you so much. I've been going around in circles on this one for months. So pleased I came to EE for the answer after faffing about all over the place.

Cheers
Chris
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Author Closing Comment

by:kenwardc
ID: 40597164
Bang on - thanks RedLondon!
0
 
LVL 11

Expert Comment

by:RedLondon
ID: 40597248
No problem, it's the kind of thing you need someone to tell you about - pretty hidden away in WHM.  Get yourself a cheap 3 or 5 year certificate - if people start using the hostname to connect via SSL for their email, you definitely don't want it expiring on you because on the day that it does, they'll flood you with phone calls asking why their iPhone/Outlook/etc has started warning them that their email has been compromised.

If you've got more than 8-9 servers on the same domain, a Comodo SSL wildcard certificate is only about GBP55 per year instead of the fiver per server otherwise - much easier to slap the same one on every machine.
0
 

Author Comment

by:kenwardc
ID: 40597259
Hi RedLondon

Cool stuff. Thanks again for the solution and cheers for those tips. Yes, we have 8 servers running cPanel so would be a saving to get the wildcard methinks.

All the best
Chris
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question