Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

API Integration Questions

Discussion in 'cPanel Developers' started by MrTechie, Apr 10, 2012.

  1. MrTechie

    MrTechie Registered

    Apr 10, 2012
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Reseller Owner
    Ok so for starters and reference, I am working with GlobalSign's OneClick SSL for cPanel (seen here):

    OneClickSSL cPanel Downloads

    So far in my experience, their integration has been a bit touch and go in regards to the
    installation and getting this to work properly. I haven't yet figured out whether this is
    in regards to GlobalSign issues or something with cPanel that I am missing, but that's why I am here.

    So onward...

    GlobalSign's API call is made like such:


    So I am a php guy - not a perl person, so please let's try to keep this php based.

    So I have tried a few different ways to set this up

    First way:
    I had the line like this:
    $query =  "";
    And then used the simple Authentication process I found on cPanel's site in order to make the call.
    Because it's WHM, I understand that I have to use the Remote Access Key in order to sign in with.

    So with my proper details set, this was my php code:

    $curl curl_init();
    $header[0] = "Authorization: WHM $whmusername:" preg_replace("'(\r|\n)'","",$whmhash);

    $result curl_exec($curl);
    While using the entire $query string, I was getting the famous: No Data Received message - like this:


    So I got to thinking, ok maybe the script was timing out or something. So I set
    a few php.ini vars to see if that helped - but to no avail.

    So after racking my brain even more, I began to figure out that cPanel and the api call
    weren't working properly together. The reason I concluded was because that WHM had
    it set to use Security Tokens thus creating the /cpess{token}/ but the script wasn't
    allowing for the token to pass to the $query line. Ok so how do we address it? Simple,
    after turning off the Security Token Feature in WHM with root access, and for making sure
    it stuck - a restart of apache, all seemed to be fine, and the token urls were gone.

    So back to the script I went to try to call it yet again. And got the same results:


    So I wanted to make sure the actual api calls worked so what I did was logged
    into WHM with Security Tokens Off, as root, and then in that same browser window
    I copied and pasted the actual url for the $query line, and hit enter. After about 30
    seconds of wait time - I got the valid xml response telling me the SSL has been installed.

    So I load up the site using the https parameter, and checked the ssl details and sure enough,
    it was valid from an install it had just done.

    So I am not brought to this point. Here's a couple things I am having issues with and
    I am sincerely hoping that I can get some input with this.

    One thing that I did notice was that after shutting off the Security Token and turn off
    'Require SSL' in the tweak setting - WHM still forced me to go to:
    after I had typed in - which means it wants me to use the SSL login.

    I think that is why my script is faulting out as well because during the login/authentication
    process - it's switching - or attempting to, over to the 2087 thus trying to make me use the SSL.

    So when I set the $query to use the https and the 2087, I still get the Error message.

    So I said ok let me try something. So I shortened $query just to be:

    and ran the script. I didn't get the error message but I got a white page. So when I viewed
    the source of the page (because echo "<pre>"; print_r($result); echo "</pre>"; was set)
    I noticed that I was getting what seems to be the page for WHM because the title has WHM - sol
    which is the same title I have when I normally login to WHM, as well as the
    'This page uses frames, but you dont have them activated on your browser' message.
    And also this at the very bottom before the closing pre tag:

    <!-- Web Host Manager [] (c) cPanel, Inc. 2011 Unauthorized copying is prohibited -->

    So that tells me that I am at least logging in ok to WHM so this has something to do with the api call
    and the passing during my curl process.

    Which brings me to the next part of this and my next question.

    When using the API's for cPanel, should one be using the POST method or just
    getting the results of the curled page (ie: $query)?

    Does anyone have an updated version of my php code they would like to share
    that may help to get this to process the right way?

    This project is extremely important and completely depends on the ability to
    successfully install SSL's on the fly, and GlobalSign apparently can do that,
    but it's just a matter of getting the integration with the cPanel api set right.

    Just as a side note, I did download the php script for the API integrations and
    I tore apart "xmlapi.php" in regards to the curl/authentication process to try to
    see if I could get the API to place nice with it that way too - and I was getting
    the same results - No Data Error message.

    So I am hoping that DanN will step in here, because after reading the forums
    many of times for different things, he really seems to know his stuff and I think
    he could probably help out on this one. But I will be willing to discuss this with
    anyone - as it's vital to the success of this project.

    Thanks for your time and sorry about the lengthy write up, but you should
    have a clear understanding of what I am dealing with.

  2. KostonConsulting

    KostonConsulting Well-Known Member

    Jun 17, 2010
    Likes Received:
    Trophy Points:
    San Francisco, CA
    cPanel Access Level:
    Root Administrator
    The GlobalSign OneClickSSL API call takes significantly longer than most API calls. If your PHP script is timing out, you'll want to make sure that your php max_exeuction_time setting in /usr/local/lib/php.ini is set to something higher than the standard 30 seconds as the OneClickSSL process can take between 25 and 45 seconds to complete. Try changing this value below:

    ; Resource Limits ;
    max_execution_time = 30
    Also, if the server certificate is self signed, try changing this option for curl from:

    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,1); 

    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,1); 

    I personally haven't had much luck with the WHM access hash auth in PHP but maybe DavidN can be of more help.

    This type of auth has worked fine for me:

    $header[0] = 'Authorization: Basic ' .  base64_encode("$whmuser:$password");
    curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
    You may want to test that you can make other API calls with your PHP code and if so, it's likely the timeout that is the problem.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice