Invalid CSRs generated with cPanel

[mholt]

After talking to my SSL provider and web host representatives, I thought I'd open this issue to the community. Searching has yielded few results and only apply to older versions of cPanel.

Today I went to generate a CSR using cPanel's CSR manager. It gave me some cryptic error message that I deciphered. The first time, I used a password that was too complex. So I toned it down and just used a random sequence of letters, numbers, and an underscore in the middle somewhere. It was 20 bytes - the maximum size, apparently.

My SSL provider didn't take the CSR. It contained invalid characters (specifically the "/" character in several spots), according to the automated error message. A live support rep told me the same thing and to contact my host. All three parties verified the validity of the CSR I entered, other than that "/" character in it.

I did this and my web host looked into the issue. They suggested a simpler, less secure password to see what would happen. So, I toned it down to 15 characters with just letters and numbers.

The CSR still contained the invalid "/" character, but when I ran it through the SSL provider, it worked.

So ... I don't know what the deal is. At least now I have a CSR that worked, but what caused it to glitch out before? Has anyone else experienced this?

[mholt]

I'm not one to bump threads, but it's been quite a while now and this is a bit of a concern for me. Someone tell me I'm not the only one having this issue...?

[cpanelkenneth]

SSL Certificate passwords can only contain letters and numbers. Where in the CSR was the / after you simplified your password?