Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Client's SSL certificate suddenly invalid?

Discussion in 'General Discussion' started by junglecat, Jul 21, 2006.

  1. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    166
    WHM 10.8.0 cPanel 10.8.2-R119
    Fedora i686 - WHM X v3.1.0

    I searched the forums and didn't find this one. A client uses a SSL cert for her site. I installed it for her several months ago and no issues until now.

    For the last several days, when you visit the client's site, you get a popup saying Website certified by an unknown authority.

    The client contacted the cert issuer and they said the problem is on the server end. I tried reinstalling and the server says the certificate is invalid.

    I rebuilt apache and that didn't help. How can I troubleshoot this?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. sfxx

    sfxx Member

    Joined:
    May 31, 2003
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    151
    Make sure what the popup error says.
    I guess the error is either related to
    -hostname
    -Expiration date


    Does it say it's expired?
    Or, are you accessing the site with the correct hostname?
    (if the cert is obtained with a hostname "www.domain.tld", you get error if you access the site with an URL "domain.tld" with out "www")

    Hope this helps.
     
  3. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    166
    It's not expired. I've gone to the site with and without the www and the same thing happens.

    Here is what it says:

    [​IMG]


    When you click examine certificate, this is what comes up:


    [​IMG]

    [​IMG]
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. astopy

    astopy Well-Known Member

    Joined:
    Apr 3, 2003
    Messages:
    166
    Likes Received:
    0
    Trophy Points:
    166
    cPanel Access Level:
    Root Administrator
    I'm having exactly the same problem with my certificate for WHM/cPanel. Since I updated to cPanel 10.8.2 the other day, firefox complains that it doesn't recognise the certifying authority. However, it has no problem with another cert on another (non-cpanel) server from the same authority.
     
  5. jester.ro

    jester.ro Well-Known Member
    PartnerNOC

    Joined:
    Feb 6, 2004
    Messages:
    304
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Bucharest, Romania
    cPanel Access Level:
    DataCenter Provider
    well, it seems normal to me?

    is gpt-pal.com a trusted issuer for certificates?

    That looks like a self-signed certificate. For a certificate to not give that warning, the issuer has to be listed in firefox as a trusted certification authority (like geotrust, verisign, equifax)

    The issuer has to be a trusted authority.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    166
    Why was it working for months and then suddenly not working? What exactly is a "self signed" certificate. The certificate was purchased from a trusted issuer.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. sfxx

    sfxx Member

    Joined:
    May 31, 2003
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    151
    I don't know why it was working fine, but "self signed" certificate is a cert you create on your own.(For example, you can create one with WHM).
    If you have purchased one from a trusted authority, try re-installing the cert.
     
  8. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    166
    As I said in my first post, I tried reinstalling and the server says the certificate is invalid.
    The company that issued the certificate says the problem is on the server end.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. sfxx

    sfxx Member

    Joined:
    May 31, 2003
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    151
    You should make sure that the cert file "/usr/share/ssl/certs/doman.crt" is actually updated.
    And restart httpd.
     
  10. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    166
    /usr/share/ssl/certs/domain.crt doesn't exist. Where else would I look for domain.crt ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. sfxx

    sfxx Member

    Joined:
    May 31, 2003
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    151
    You might want to try this

    Code:
    locate gpt-pal.com.crt
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice