The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL fails when httpd runs as "nobody"

Discussion in 'Security' started by JonGold, Feb 7, 2017.

Tags:
  1. JonGold

    JonGold Registered

    Joined:
    Feb 7, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brooklyn
    cPanel Access Level:
    Root Administrator
    I recently inherited a server running CPanel/WHM. I was able to successfully install the AutoSSL plugin, but when running it I routinely received 404 errors. I read many posts on here about 404 errors with AutoSSL, but in my case, it's because httpd is running as "nobody", and the AutoSSL script sets the permissions on the "acme-challenge" folder to "750", so the "nobody" user can't read them.

    I tried settings chattr +i to prevent the script from changing the permissions after I manually set them to 755, but autossl_check fails when it can't set the permission on the "acme-challenge" folder.

    How do I work around this?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,086
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The following case was included in cPanel version 62.0.1 to address this issue:

    Fixed case CPANEL-10642: Cpanel::SSL::DCV set wrong permissions on acme-challenge.

    Could you verify which version of cPanel is installed on this system? You can check with the following command:

    Code:
    cat /usr/local/cpanel/version

    If you are using a version newer than 62.0.1, you should be able to remove the immutable attribute on the script to correct the problem.

    Thank you.
     
Loading...

Share This Page