SSL Info Being Removed After Nightly CPanel Update!!!

[nitromax]

Hello,

I have a serverwide SSL certificate setup on my server, and it seems to be working just fine. However, every night, after CPanel updates my server, all of the info in the /usr/local/apache/conf/httpd.conf file which defines the serverwide SSL certificate is automatically removed! Of course SSL no longer functions. I then have to copy and paste it back in and restart apache.

First of all, does anyone know why it keeps removing this info from the httpd.conf file? It seems to leave other custom entries in that file, but not the SSL info I have specified.

And second, when that SSL code is in the httpd.conf file and you try to restart apche from the WHM, the WHM gives the following error message:

&httpd has failed, please contact the sysadmin.&

... the thing is, it really does restart apache and there are no apparent problems. I'm sure it saying it for a reason, I'm just not sure what that is. Does Any one know what's happening here? Of course when CPanel removes the code every night you can restart apache from the WHM and that error message doesn't display, becuase it plucked the offensive code out of the file.

Here is the code that it is automatically removed. Do I have something messed up here? Is there a different way to do it?

## Serverwide SSL Start ##

&IfDefine SSL&

&Directory /home/*&
Options FollowSymLinks ExecCGI Indexes
AllowOverride All
&/Directory&

&VirtualHost _default_:443&
ServerAdmin support@yourhostserver.com
ServerName www.secureserver4.com
ServerAlias 157.238.132.6
DocumentRoot /usr/local/apache/htdocs
TransferLog /usr/local/apache/logs/ssl_log
ErrorLog /usr/local/apache/error.log

UserDir public_html
Options Indexes FollowSymLinks ExecCGI Includes

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key

# Client Authentication (Type):
SSLVerifyClient 0
SSLVerifyDepth 10

#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
&Files ~ &\.(cgi|shtml|phtml|php3?)$&&
SSLOptions +StdEnvVars
&/Files&
&Directory &/usr/local/apache/cgi-bin&&
SSLOptions +StdEnvVars
&/Directory&

SetEnvIf User-Agent &.*MSIE.*& \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog /usr/local/apache/logs/ssl_request_log \
&%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \&%r\& %b&

&/VirtualHost&
&/IfDefine&

## End Serverwide SSL ##


Any help would be appreciated!


--
Chad Roadhouse

[nitromax]

Actually we removed the &IfDefine& open and close tag. And we've experamented with taking various things out. Still being removed on nightly updates.

As an added issue that we need help with right away... We have several customers that have their own SSL certificate. We tried adding one of them in to the system thru the CPanel function that does that, and once it added the code into the httpd.conf file Apache wouldn't restart. I had to go in a comment out the SSL code it put in there. Why is apache not restarting???

Can anyone show me an httpd.conf file that has the approriate code in it to run and listen to port 80 and 443 that is not getting removed from the httpd.conf file every time CPanel updates? Is there a way to setup SSL in it's own httpd.conf file like Alabanza had it, so that it works with CPanel?

[PPNSteve]

Actually we removed the &IfDefine& open and close tag. And we've experamented with taking various things out. Still being removed on nightly updates.

As an added issue that we need help with right away... We have several customers that have their own SSL certificate. We tried adding one of them in to the system thru the CPanel function that does that, and once it added the code into the httpd.conf file Apache wouldn't restart. I had to go in a comment out the SSL code it put in there. Why is apache not restarting???

Can anyone show me an httpd.conf file that has the approriate code in it to run and listen to port 80 and 443 that is not getting removed from the httpd.conf file every time CPanel updates? Is there a way to setup SSL in it's own httpd.conf file like Alabanza had it, so that it works with CPanel?

if you are using the new apache builds in cPanel, just put your ssl code in an include file using the includes editor..