Can't get SSL Cert Installed

[rwoody]

I've been doing this for years and never had this kind of problem. I created a CSR in WHM for ordering a cert. Using this CSR to order the cert is creating a mismatch. I've been on the phone with the provider and they are telling me that per their system this is correct, nothing matches!! So I went into whm, created a new CSR and once again ordered the cert and we still have a mismatch. Now the one thing I've noticed here is that somehow, WHM created a "self signing" certificate. I didn't create it and I don't know how it magically appeared and I can find no where to remove it. The only place I see it is when generating a CSR it's there and it's there in the SSL manager, yet it is not there in the home directory of the site where I could delete it.

I'm in a real crunch to get this done and I am just dumb founded as what could be creating this issue. By the way an added note: I am creating the SSL with "www" as the preface to the domain to try to "avoid" the ugly error messages as the site's cart config. file is set for "www".

Any suggestions or enlightenment anyone can offer would be much appreciated.

I have also just submitted a ticket to Cpanel, but I was hoping someone might have a quick answer for me.

Thanks in advance for any help offered.

[budway]

And here I tought I was the only one with this problem...


I also am having problems posting/installing a renewed cert.

I even created a new csr and key to issue the crt.

But still is giving miss-match when installing.

[budway]

Analising the error output I notice the key field output is blank while the crt field carry's the inserted .crt data/file.

Mayble we should open a bug ticket.

[bp1942]

... And me, too. Glad to see your post.

I created a new csr, deleted everything and then started all over 4 times with the same result being a mismatch. I've done this several times before also, with no problems at all; now my deadline for renewal is getting to be too close for comfort.

[budway]

At least you didn't remove/delete your old ssl cert. to install the new one.
(I only did to avoid any problems our errors)

I actually generated a new cert. request sign. and did the renew again with and also with new key and still no good.

I have a support ticket that is getting responses pretty fast... (that's good)

[easyhoster1]

I had the same problem a few months ago, looks like during a nightly upcp it removed openssl. See if it exist, if not reinstall it and try again.

[budway]

I was talking to support and they reminded me that the SSL cert Company has to send the key true e-mail.

(Yeah I actually forgot about this), but no e-mail with the key was received...

[easyhoster1]

I was talking to support and they reminded me that the SSL cert Company has to send the key true e-mail.

(Yeah I actually forgot about this), but no e-mail with the key was received...

No, the key is suppose to be generated when you create the CSR. It is suppose to stay on the server. You only submit the CSR (Certificate Siging Request) to the SSL company. They are suppose to only send the SSL Certificate.

Check to make sure the key is on the server through the SSL Manager.

[budway]

Well no e-mail was sent from the server to me with the private key I have checked this and last key generation was sent by the server to the e-mail on the csr contact....

[rwoody]

I'm not sure what was going on, but I put in a support ticket and the folks at Cpanel finally got it installed. I sent them all the keys... RSA, CSR and the Cert.

[budway]

I belive there is some bug on the ssl install true cpanel side (Client login).

They told me they installed ok true WHM.. (Just a head's up for all you guys)

[rwoody]

I originally posted this issue back in November/05 - here I am again. Back in Nov. Cpanel support installed my cert, but when I asked how they got it to work , I did not receive an answer.

Now here I am again, another SSL to install for a customer and no joy... I'm just pulling my hair out over this. This used to be a snap... now no matter what I do I get a key mismatch.

Has anyone figured out exactly how to get these in without Cpanel support doing it for you? Bless their hearts that they take care of it when they have time to get to it, but when a customer is waiting, it's a bit frustrating that I can't take care of a formerly simple task right away.

Hopefully someone has a solution

PROBLEM SOLVED - I'm a bit embarrassed as I didn't catch this at all. For some reason the when the last three or four RSA keys were emailed to me by the system, the lines of encryption were wrapped starting at the top. In other words a return needed to be placed after ------Start RSA Key. It was simply a format error. Once I corrected it all went in just fine.

Garbage in... Garbage out..lol

[handsonhosting]

likewise having the same issue.

I can install the certs with no problem in WHM but not through a clients control panel interface.

WHM 10.8.0 cPanel 10.8.1-R113
Fedora i686 - WHM X v3.1.0

[iconraul]

Hi have a similar problem.

I have some *.old.yyyymmdd certificates and active certificates. How do I remove these certificates? I tried removing the certificate using the Cpanel user interface but it says, "unable to remove because the certificate has already been added to the SSL registry." -or similiar message. Can I do these manually? I just want to clean the SSL Manager (WHM) listing... also, just you guys I have a problem installing SSL certificates as well..

scenario:

siteA -- has certificate installed, can be accessed by https://

siteB -- no cerfificate installed (not an SSL host) but share the same IP as with siteA.. visiting siteB using https:// protocol will have me to siteA's page.

How to I prevent this behaviour from happening? At least if I can store a shared certificate of some sort.. any suggestion?




Thanks Thanks


jun

[daniel.eriksson]

Hi have a similar problem.

I have some *.old.yyyymmdd certificates and active certificates. How do I remove these certificates? I tried removing the certificate using the Cpanel user interface but it says, "unable to remove because the certificate has already been added to the SSL registry." -or similiar message. Can I do these manually? I just want to clean the SSL Manager (WHM) listing... also, just you guys I have a problem installing SSL certificates as well..

scenario:

siteA -- has certificate installed, can be accessed by https://

siteB -- no cerfificate installed (not an SSL host) but share the same IP as with siteA.. visiting siteB using https:// protocol will have me to siteA's page.

How to I prevent this behaviour from happening? At least if I can store a shared certificate of some sort.. any suggestion?




Thanks Thanks


jun

---


Hey there!


You need to add a separate ip for each ssl-certificate you install. as they are domain/ip-specific.
(had the very same issue myself, added a new ip and voila).

best

daniel