1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cpanel https

Discussion in 'General Discussion' started by host4all, Jan 29, 2010.

  1. host4all

    host4all New Member

    Joined:
    Apr 9, 2003
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    on one of my servers the https for cpanel doesn't work

    so http://domain.tld/cpanel works fine, but https://domain.tld/cpanel says:

    SSL received a record that exceeded the maximum permissible length.
    (Error code: ssl_error_rx_record_too_long)

    Do I need to activate something in WHM in order to get the https working again?
     
  2. InstaCarma_Tech

    Joined:
    Apr 22, 2009
    Messages:
    228
    Likes Received:
    1
    Trophy Points:
    18
    Is any SSL certificate installed on the server at all?

    If yes then go to Go to WHM >> Service Configuration >> Manage Service SSL Certificates and install it or the required services.
     
  3. madaboutlinux

    madaboutlinux Active Member

    Joined:
    Jan 24, 2005
    Messages:
    1,052
    Likes Received:
    2
    Trophy Points:
    38
    Location:
    Earth
    The error indicates that a default SSL certificate is not installed on the required services. As suggested above, install the default certificate on the services from the "Manage Service SSL Certificates" in WHM.
     
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,558
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    When attempting to access a domain via HTTPS, and when not specifying the cPanel port, it will require an SSL certificate being installed on that domain in the Apache configuration; this may be setup using WHM via the following menu path: WHM: Main >> SSL/TLS

    Once the domain has SSL installed then the HTTPS/SSL connection can be negotiated between the Internet browser and the server, Apache, where the HTTP request for the "/cpanel" redirect is received and handled based on the Redirection preferences in WHM Tweak Settings.

    To directly access cPanel via SSL (without needing a domain to have an SSL virtual host in Apache), please try using the following method:
    Code:
    https://server:2083/
     
  5. host4all

    host4all New Member

    Joined:
    Apr 9, 2003
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    It seems to me that this method is just for a single domain? Or will one install using the SSL/TLS link work for all current and future domains?
     
  6. madaboutlinux

    madaboutlinux Active Member

    Joined:
    Jan 24, 2005
    Messages:
    1,052
    Likes Received:
    2
    Trophy Points:
    38
    Location:
    Earth
    Once the SSL is installed on the cPanel service from "Manage Service SSL Certificates" and Redirection is set from WHM >> Tweak Settings, all http://domain.tld/cpanel will redirect to https://domain.tld/cpanel for current and future domains.
     
  7. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,558
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    Using the redirection preferences in WHM Tweak Settings it is possible to access the redirects without SSL and have it automatically go the SSL port for cPanel, WHM, and Webmail; by customizing the redirection options this will apply to all accounts hosted on the same server.

    If accessing the redirects via "https" is required (instead of just allowing the redirect to go the to applicable SSL port), then instead of using a regular user account for the SSL install I would consider using the server hostname with a shared SSL certificate; this involves installing an SSL certificate for the server hostname (via WHM) and setting it as shared. This method will allow HTTPS access using the server hostname with the built-in redirects (like /cpanel, /whm, and /webmail); it will also work for any domains that point to the same IP address as the hostname, such as the main shared IP address.

    For additional reference regarding shared SSL certificate installation please see the following thread: Shared SSL certificate issue - cPanel Forums
     
  8. host4all

    host4all New Member

    Joined:
    Apr 9, 2003
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Ok, that worked!

    But now I get security warnings when navigating to one of the domains using https.

    I know this can be resolved using a trusted SSL certificate provider, but will it work with one certificate for my entire server as well, and then will the errors disapear for all domains with just that one trusted certificate? I don't feel like buying individual certificates for every domain hosted on my servers.
     
  9. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,558
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    To avoid SSL certificate warnings presented in the browser the SSL certificate must be trusted and the domain being accessed must match the SSL certificate. For example, a paid SSL certificate used with the server hostname can work without triggering warnings when accessing the server hostname via HTTPS.

    If the domain being accessed does not match the SSL certificate then a browser may still display a warning.
     

Share This Page