Change default apache server.crt

bloatedstoat

Well-Known Member
Jun 14, 2012
183
24
68
Victoria, Australia
cPanel Access Level
Root Administrator
I purchased an SSL certificate that matches the server name.

The below command however, results in the default SSL certificate installed by our server supplier showing up:

Code:
openssl x509 -in /etc/apache2/conf.d/ssl.crt/server.crt -noout -subject
subject= /[email protected]/CN=ded.serversupplier.com.au
How can I change it so that our own SSL certificate is used?

Secondly, within SSL storage manager under User Account SSL Resources there is the following line:

The SSL resources below are available to your account

Here are a whole slew of certificates, mostly from the server supplier when the server was provisioned and in the mix there appears our own certificate. Is it safe to delete the server supplier ones leaving the one I bought and would it affect the system adversely if they were deleted?

Thank you!
 

bloatedstoat

Well-Known Member
Jun 14, 2012
183
24
68
Victoria, Australia
cPanel Access Level
Root Administrator
What type of SSL you have purchased ? is it wildcard SSL or a multi domain SSL
and have you installed this SSL on server hostname ?
It is not a wildcard cert, the certificate is solely for name.domain.com.au which is the server's hostname.
I have installed it as the service certificate for exim, cpanel, whm, ftp etc; from within Service Configuration > Manage Service SSL Certificates.

How do I update Apache so that the name.domain.com.au certificate replaces the one currently found at /etc/apache2/conf.d/ssl.crt/server.crt?

Thanks.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello,

You should be able to install the certificate for the server's hostname via:

"WHM Home » SSL/TLS » Install an SSL Certificate on a Domain"

Could you let us know of any specific error messages you encounter when using this option?

Thank you.
 

bloatedstoat

Well-Known Member
Jun 14, 2012
183
24
68
Victoria, Australia
cPanel Access Level
Root Administrator
"WHM Home » SSL/TLS » Install an SSL Certificate on a Domain"
Could you let us know of any specific error messages you encounter when using this option?
Thanks Michael, I attempted the update and received the following:

The domain "hostname.domainname.com.au" is not managed on this server. You must specify an IP address to install SSL for "hostname.domainname.com.au" or set up this domain on a new account, or create it as parked domain, a subdomain, or an addon domain of an existing account, and try again.
Just to clarify, this is to replace the certificate in /etc/apache2/conf.d/ssl.crt/server.crt which is outputting:

Code:
openssl x509 -in /etc/apache2/conf.d/ssl.crt/server.crt -noout -subject
subject= /[email protected]/CN=ded.serversupplier.com.au
I'd like the output to be hostname.domainname.com.au.

Thanks.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Just to clarify, this is to replace the certificate in /etc/apache2/conf.d/ssl.crt/server.crt which is outputting:

Code:
openssl x509 -in /etc/apache2/conf.d/ssl.crt/server.crt -noout -subject
subject= /[email protected]/CN=ded.serversupplier.com.au
I'd like the output to be hostname.domainname.com.au.

Thanks.
Hello,

You can manually populate the /etc/apache2/conf.d/ssl.crt/server.crt and /etc/apache2/conf.d/ssl.key/server.key files with CRT and KEY of your new certificate.

Thank you.