When installing an SSL certificate, cPanel fetches a previous private key automatically when a new certificate is pasted into the form. This key's modulus may or may not match the modulus of the certificate, and there is no way to know until you submit the form whether or not the modulus is correct.
To save time and confusion, and hopefully lower the number of support requests for everyone running cPanel, I suggest the following:
* When a new SSL certificate is pasted into the form, cPanel will fetch the private key using the same or similar method as it does now.
* Once fetched, cPanel will calculate the modulus of the key and the new certificate. If there is a mismatch, the form cannot be submitted or will produce a warning near the submit button.
* In the event of a mismatch, cPanel can then check the previously archived keys for a given domain.tld combo or cPanel username and check to see if any of the archived keys matches. Should it match, that key is substituted.
Calculating the modulus of a key or certificate is an extremely quick operation, and would conceivably only add to system load when a server has an extremely high number of key/cert pairs (IPv6 SSL or deployed for many, many years) which is relatively unlikely.



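The check proposed in the post above, sketched with the `openssl` command-line tool. This is an added example, not part of the original post and not cPanel's code. The function names and the archive layout (a directory of `*.key` files) are assumptions, and it handles RSA keys only.

```shell
#!/bin/sh
# Added example; function names and the archive layout (*.key files in one
# directory) are assumptions, not cPanel's implementation. RSA only.

# Print the hex RSA modulus of a PEM file. $1 = cert|key, $2 = path.
rsa_modulus() {
    case "$1" in
        cert) m=$(openssl x509 -noout -modulus -in "$2" 2>/dev/null) || return 1 ;;
        key)  m=$(openssl rsa -noout -modulus -in "$2" -passin pass: 2>/dev/null) || return 1 ;;
        *)    return 2 ;;
    esac
    m=${m#Modulus=}
    # Reject empty or non-hex output (e.g. a non-RSA certificate).
    case "$m" in ''|*[!0-9A-F]*) return 1 ;; esac
    printf '%s\n' "$m"
}

# Succeed only if certificate $1 and private key $2 share a modulus.
key_matches_cert() {
    cm=$(rsa_modulus cert "$1") && km=$(rsa_modulus key "$2") && [ "$cm" = "$km" ]
}

# Print the first archived key in directory $2 that matches certificate $1.
find_matching_key() {
    want=$(rsa_modulus cert "$1") || return 1
    for keyfile in "$2"/*.key; do
        [ -f "$keyfile" ] || continue
        have=$(rsa_modulus key "$keyfile") || continue
        if [ "$have" = "$want" ]; then printf '%s\n' "$keyfile"; return 0; fi
    done
    return 1
}

# The flow proposed above: keep the pre-filled key $2 if it matches
# certificate $1, otherwise fall back to the archive directory $3.
select_key() {
    if key_matches_cert "$1" "$2"; then printf '%s\n' "$2"; return 0; fi
    find_matching_key "$1" "$3"
}

# Constructed sample input: throwaway key $1.key and self-signed cert $1.crt.
make_demo_pair() {
    openssl genrsa -out "$1.key" 2048 2>/dev/null &&
    openssl req -x509 -new -key "$1.key" -subj "/CN=example.test" \
        -days 1 -out "$1.crt" 2>/dev/null
}
```

`select_key` exits non-zero when neither the pre-filled key nor any archived key matches, which is the case where the form would show the warning.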





