Solved

SSL Inatallation for cPanel server not working

Posted on 2015-02-08
6
149 Views
Last Modified: 2015-02-08
I have a problem that could be just stupidity on my part but would be good to resolve if possible.

I run several cPanel servers (VPS) for customers of mine and generally they are web servers. Each one of them has cPanel installed with WHM with proper cPanel licence.

I want my customers to know that they are secure when they access the server for their cPanel access, so have purchased and installed commercial certificates (COMODO Essential or Trustwave). However, when I install them, and although the server comes up with "SUCCESS" and a box that says all is done, when I go to the server, I get the HTTPS:// but with a line through it which then says (on some of the servers) untrusted self-signed certificate or (on others) just that the certificate is not trusted. See pic

dee-SSL-Cert.jpg
I have installed the ca_bundle as well on my last purchase, which is from COMODO but this is no different.
The server is at: https://dee.tgis.co.uk:2087 for the WHM installation.

Can anyone help point me in the right direction so that I can resolve this issue?

Any help gratefully received.

Cheers
Chris
0
Comment
Question by:kenwardc
  • 4
  • 2
6 Comments
 

Author Comment

by:kenwardc
Comment Utility
If it'll help, you'll notice that the expiry date above appears to be for a self-signed certificate but this new embedded pic shows that it's expiry should be 2016-02-07 and that it's a commercial SSL.

dee-SSL-Cert2.jpg
When I install, this is the screen I see:

dee-SSL-Cert3.jpg
When I elect to install, this is the "success" result:

dee-SSL-Cert4.jpg
Cheers
Chris
0
 
LVL 11

Accepted Solution

by:
RedLondon earned 500 total points
Comment Utility
I think you're installing the SSL cert for Apache to use

Aren't you then saying that the SSL presented on WHM, cPanel and POP/IMAP connections is self-signed?

If so, you need to install the SSL cert in WHM using the Manage Service SSL Certificates page inside Service Configuration - see https://dee.tgis.co.uk:2087/scripts2/manageservicecrts
0
 

Author Comment

by:kenwardc
Comment Utility
RedLondon - you are a star. BANG ON - it's now working on DEE. Thank you so much. I've been going around in circles on this one for months. So pleased I came to EE for the answer after faffing about all over the place.

Cheers
Chris
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Closing Comment

by:kenwardc
Comment Utility
Bang on - thanks RedLondon!
0
 
LVL 11

Expert Comment

by:RedLondon
Comment Utility
No problem, it's the kind of thing you need someone to tell you about - pretty hidden away in WHM.  Get yourself a cheap 3 or 5 year certificate - if people start using the hostname to connect via SSL for their email, you definitely don't want it expiring on you because on the day that it does, they'll flood you with phone calls asking why their iPhone/Outlook/etc has started warning them that their email has been compromised.

If you've got more than 8-9 servers on the same domain, a Comodo SSL wildcard certificate is only about GBP55 per year instead of the fiver per server otherwise - much easier to slap the same one on every machine.
0
 

Author Comment

by:kenwardc
Comment Utility
Hi RedLondon

Cool stuff. Thanks again for the solution and cheers for those tips. Yes, we have 8 servers running cPanel so would be a saving to get the wildcard methinks.

All the best
Chris
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now