Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPanel DNSonly HostName SSL Question

Discussion in 'Security' started by vlee, Jun 14, 2017.

  1. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    336
    Likes Received:
    18
    Trophy Points:
    168
    Location:
    Spokane, Washington
    cPanel Access Level:
    Root Administrator
    I just noticed that all my servers current Wildcard SSL Certificate were over written with the free cPanel Free Host Name SSL Certificate due it expires in 9 days from now.

    Only the DNS Only servers did not get updated with this feature.

    How do I use cPanel Free Host Name SSL Certificate for my cPanel DNS Only servers?

    This would save me over $100 using these.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @vlee,

    Here's a comment from the corresponding feature request regarding free AutoSSL certificates on cPanel DNS-Only servers:

    Thank you.
     
  3. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    336
    Likes Received:
    18
    Trophy Points:
    168
    Location:
    Spokane, Washington
    cPanel Access Level:
    Root Administrator
    Thank you Michael


    The problem is when you use a self signed SSL or no SSL since even the cPanel DNS Only server are defaulted to use port 2087 which requires an SSL using using some browsers will not even login due the fact no valid SSL in use.

    I will have to do something in 7 days because my wildcard cert expires so I will have to install cheap SSL's on my cPanel DNS Only servers because I want to save money.

    So if there is a way to fix cPanel DNS Only servers to be forced to use port 2086 instead as default instead of 2087.

    Even though I prefer securing cPanel DNS Only servers with an SSL instead.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Could you verify which specific browser you are using when reproducing the issue where you are unable to manually trust the self-signed certificate?

    Thank you.
     
  5. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    336
    Likes Received:
    18
    Trophy Points:
    168
    Location:
    Spokane, Washington
    cPanel Access Level:
    Root Administrator
    Mostly Current versions of Chrome, Edge, and IE. Sometimes current version of Firefox causes this this issue too.

    I really do not use and do not like Firefox much due to bad past experiences but I have it installed for website testing when developing new websites.

    I mostly use Chrome browser for my primary main browser. All the others are install for website testing when developing new websites only.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    In my testing, the browser gives the option to add an exception for self-signed certificates rather than denying the connection request. Feel free to open a support ticket so we can take a closer look at the affected system to see if we can reproduce the issue.

    Thank you.
     
  7. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    336
    Likes Received:
    18
    Trophy Points:
    168
    Location:
    Spokane, Washington
    cPanel Access Level:
    Root Administrator
    I even tested this on new computer with a fresh Chrome install and does not even give an exception for self-signed certificates it just deny's the request.

    Support ticket will not help because I think it is maybe a browser issue which it drives me crazy. How bad these browsers have gotten these days.

    I checked at server level and the SSL is valid but the browser does not see it that way being it is a self signed SSL.

    I would love to find a browser that is striped down that still has security in it for protection for use for cPanel servers and some other things.

    I just do not go out and download something without knowing due to some many viruses out there that why I stick with legit broken browsers.
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you provide a screenshot of the page you see in Chrome when this happens? Here's what shows up when I test with the latest version of Chrome on Mac OS:

    ssl-warning.png

    Note the arrow to the "Advanced" option, which you can click on and then choose to "Proceed".

    Thank you.
     
  9. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    336
    Likes Received:
    18
    Trophy Points:
    168
    Location:
    Spokane, Washington
    cPanel Access Level:
    Root Administrator

    Here is my screen shot without my wildcard SSL Certificate
     

    Attached Files:

  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Here's a third-party URL where that error message is discussed:

    Chrome "Your Connection is not private"?

    Feel free to open a support ticket using the link in my signature so we can take a closer look if the solutions discussed on that URL are unhelpful.

    Thank you.
     
  11. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    336
    Likes Received:
    18
    Trophy Points:
    168
    Location:
    Spokane, Washington
    cPanel Access Level:
    Root Administrator
    I found how to fix it.

    But I will let my wildcard Cert go and just get 3 simple cheap SSL certs instead. Still be saving money this way.
     
Loading...

Share This Page