The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Client's SSL certificate suddenly invalid?

Discussion in 'General Discussion' started by junglecat, Jul 21, 2006.

  1. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    WHM 10.8.0 cPanel 10.8.2-R119
    Fedora i686 - WHM X v3.1.0

    I searched the forums and didn't find this one. A client uses a SSL cert for her site. I installed it for her several months ago and no issues until now.

    For the last several days, when you visit the client's site, you get a popup saying Website certified by an unknown authority.

    The client contacted the cert issuer and they said the problem is on the server end. I tried reinstalling and the server says the certificate is invalid.

    I rebuilt apache and that didn't help. How can I troubleshoot this?
     
  2. sfxx

    sfxx Member

    Joined:
    May 31, 2003
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Make sure what the popup error says.
    I guess the error is either related to
    -hostname
    -Expiration date


    Does it say it's expired?
    Or, are you accessing the site with the correct hostname?
    (if the cert is obtained with a hostname "www.domain.tld", you get error if you access the site with an URL "domain.tld" with out "www")

    Hope this helps.
     
  3. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    It's not expired. I've gone to the site with and without the www and the same thing happens.

    Here is what it says:

    [​IMG]


    When you click examine certificate, this is what comes up:


    [​IMG]

    [​IMG]
     
  4. astopy

    astopy Well-Known Member

    Joined:
    Apr 3, 2003
    Messages:
    165
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    I'm having exactly the same problem with my certificate for WHM/cPanel. Since I updated to cPanel 10.8.2 the other day, firefox complains that it doesn't recognise the certifying authority. However, it has no problem with another cert on another (non-cpanel) server from the same authority.
     
  5. jester.ro

    jester.ro Well-Known Member
    PartnerNOC

    Joined:
    Feb 6, 2004
    Messages:
    304
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Bucharest, Romania
    cPanel Access Level:
    DataCenter Provider
    well, it seems normal to me?

    is gpt-pal.com a trusted issuer for certificates?

    That looks like a self-signed certificate. For a certificate to not give that warning, the issuer has to be listed in firefox as a trusted certification authority (like geotrust, verisign, equifax)

    The issuer has to be a trusted authority.
     
  6. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    Why was it working for months and then suddenly not working? What exactly is a "self signed" certificate. The certificate was purchased from a trusted issuer.
     
  7. sfxx

    sfxx Member

    Joined:
    May 31, 2003
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    I don't know why it was working fine, but "self signed" certificate is a cert you create on your own.(For example, you can create one with WHM).
    If you have purchased one from a trusted authority, try re-installing the cert.
     
  8. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    As I said in my first post, I tried reinstalling and the server says the certificate is invalid.
    The company that issued the certificate says the problem is on the server end.
     
  9. sfxx

    sfxx Member

    Joined:
    May 31, 2003
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    You should make sure that the cert file "/usr/share/ssl/certs/doman.crt" is actually updated.
    And restart httpd.
     
  10. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    /usr/share/ssl/certs/domain.crt doesn't exist. Where else would I look for domain.crt ?
     
  11. sfxx

    sfxx Member

    Joined:
    May 31, 2003
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    You might want to try this

    Code:
    locate gpt-pal.com.crt
     
Loading...

Share This Page