The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

chkservd question and SSL certs deletion question

Discussion in 'General Discussion' started by enginama, Jul 24, 2013.

  1. enginama

    enginama Member

    Joined:
    Jun 2, 2013
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    2 questions in one here.

    So first of all I had to change my hostname and servername due to some conflicts.

    So as I did I needed to remove the SSL keys/certs which I went through and it left 2 entry's for 'nobody' in my ssl host manager ... I've done a find via ssh to do a manual delete for those files and they don't exist.
    Secondly chkservd is still doing a GET check for that old FQDN.

    I'm trying to find out how to remove the cert/keys entry from the storage manager to clean up and how to remove the old fqdn from chkservd. I've looked in httpd.conf and I see the FQDN in there as a virtual server ... but as I have read deleting it from http.conf won't remove it as their are include files that re-add it.
    Not sure what include files are adding in the SSL key/cert references and what include files are adding in the virtual host that doesn't exist in cpanel anymore.

    Thanks

    Enginama
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Try looking for instances of the old hostname in the following directory:

    Code:
    /var/cpanel/userdata/nobody
    You can remove the old entries, and then rebuild the Apache configuration file via:

    Code:
    /scripts/rebuildhttpdconf
    You can ensure the new hostname is used for the service SSL certificates via:

    "WHM Home » Service Configuration » Manage Service SSL Certificates"

    If you are attempting to find older certificate files, ensure you also search for this format when using "find" or "locate":

    host_example_com

    Some certificate data is stored with underscores instead of periods.

    Thank you.
     
  3. enginama

    enginama Member

    Joined:
    Jun 2, 2013
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    OK did that ... found the ssl files.
    After rebuilding httpd.conf got error messages
    Missing IP, Servername, port, user, owner , group for <Domain Name>

    must be an include file which still has that FQDN in it loading it into httpd.conf
     
  4. enginama

    enginama Member

    Joined:
    Jun 2, 2013
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Main and main.cache in nobody both have references to this FQDN .
    But they also hold the new FQDN server name.
    main
    has :
    addon domains: {}
    main_domain: <old FQDN>
    parked_domains: {}
    sub domains:
    <old fqdn hostname>
    <another old fqdn hostname>
    <another old fqdn hostname>
    <New FQDN hostname>
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You can remove the old entries and ensure the new hostname is configured in these files. Note that you can remove the "cache" files completely and they will regenerate with the updated changes.

    Thank you.
     
  6. enginama

    enginama Member

    Joined:
    Jun 2, 2013
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    OK that fixed the chkservd GET issues.

    The nobody SSL key/cert is still showing in the storage manager but only file in /var/cpanel/userdata/nobody is 'main'

    I did a " find / 'd3739*' " and a " find / '*d3739*' which d3739 is the first 5 chars of the key showing in ssl storage manager, but nothing was found.

    Anywhere else it could be ... did a server reboot as well to see if it would remove them after reboot and that didn't work ... so they must stikll be somewhere else.
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  8. enginama

    enginama Member

    Joined:
    Jun 2, 2013
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Nope no delete option, see attached

    Screenshot from 2013-07-24 11:58:27.png
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    The "Apache's Installed SSL Resources" section is documented at:

    Apache's Installed SSL Resources

    You can try searching /usr/local/apache/conf/httpd.conf for these resources. You may also want to try rebuilding the Apache configuration file via:

    Code:
    /scripts/rebuildhttpdconf
    Thank you.
     
  10. enginama

    enginama Member

    Joined:
    Jun 2, 2013
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Did the rebuild, the SSL file's are gone as cpanel reports no key exists when clicking on magnifying glass.
    Not sure how to get cpanel to report the existence correctly.
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It's difficult to guide you on the exact resolution on this particular issue without access to the server to see the behavior. Feel free to open a support ticket if you want us to take a closer look:

    Submit A Ticket

    You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  12. enginama

    enginama Member

    Joined:
    Jun 2, 2013
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Ticket no. : 4303741
     
  13. enginama

    enginama Member

    Joined:
    Jun 2, 2013
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    To assist if anyone else comes across this thread :

    References to the certificate were still listed in your server's /var/cpanel/ssl/installed/ssl.db and /var/cpanel/ssl/installed/ssl.db.cache files. I moved these to /root and verified that the certificate no longer shows in Home »SSL/TLS »SSL Storage Manager, which now reports, "No SSL certificates are installed in Apache’s configuration."
     
Loading...

Share This Page