SSL Inatallation for cPanel server not working

Posted on 2015-02-08
Medium Priority
Last Modified: 2015-02-08
I have a problem that could be just stupidity on my part but would be good to resolve if possible.

I run several cPanel servers (VPS) for customers of mine and generally they are web servers. Each one of them has cPanel installed with WHM with proper cPanel licence.

I want my customers to know that they are secure when they access the server for their cPanel access, so have purchased and installed commercial certificates (COMODO Essential or Trustwave). However, when I install them, and although the server comes up with "SUCCESS" and a box that says all is done, when I go to the server, I get the HTTPS:// but with a line through it which then says (on some of the servers) untrusted self-signed certificate or (on others) just that the certificate is not trusted. See pic

I have installed the ca_bundle as well on my last purchase, which is from COMODO but this is no different.
The server is at: https://dee.tgis.co.uk:2087 for the WHM installation.

Can anyone help point me in the right direction so that I can resolve this issue?

Any help gratefully received.

Question by:kenwardc
  • 4
  • 2

Author Comment

ID: 40597009
If it'll help, you'll notice that the expiry date above appears to be for a self-signed certificate but this new embedded pic shows that it's expiry should be 2016-02-07 and that it's a commercial SSL.

When I install, this is the screen I see:

When I elect to install, this is the "success" result:

LVL 11

Accepted Solution

RedLondon earned 2000 total points
ID: 40597045
I think you're installing the SSL cert for Apache to use

Aren't you then saying that the SSL presented on WHM, cPanel and POP/IMAP connections is self-signed?

If so, you need to install the SSL cert in WHM using the Manage Service SSL Certificates page inside Service Configuration - see https://dee.tgis.co.uk:2087/scripts2/manageservicecrts

Author Comment

ID: 40597162
RedLondon - you are a star. BANG ON - it's now working on DEE. Thank you so much. I've been going around in circles on this one for months. So pleased I came to EE for the answer after faffing about all over the place.

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.


Author Closing Comment

ID: 40597164
Bang on - thanks RedLondon!
LVL 11

Expert Comment

ID: 40597248
No problem, it's the kind of thing you need someone to tell you about - pretty hidden away in WHM.  Get yourself a cheap 3 or 5 year certificate - if people start using the hostname to connect via SSL for their email, you definitely don't want it expiring on you because on the day that it does, they'll flood you with phone calls asking why their iPhone/Outlook/etc has started warning them that their email has been compromised.

If you've got more than 8-9 servers on the same domain, a Comodo SSL wildcard certificate is only about GBP55 per year instead of the fiver per server otherwise - much easier to slap the same one on every machine.

Author Comment

ID: 40597259
Hi RedLondon

Cool stuff. Thanks again for the solution and cheers for those tips. Yes, we have 8 servers running cPanel so would be a saving to get the wildcard methinks.

All the best

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question