cPanel Webdisk Reports SSL is Invalid or Self-Signed, Which is Totally Not True

LibertyTalk

Registered
Oct 15, 2019
2
1
3
Chicago
cPanel Access Level
Website Owner
Hola whilst attempting to drive myself insane today configuring Windows machines for use with webdisk, I was shocked to read upon logging into the company's cPanel that when clicking on 'configure client access' a warning appears stating our SSL is "invalid or self-signed." Oh the humanity!

Partly nauseated from such a blow to my IT guts, I promptly guzzled down my piping hot coffee, took a long slow drag from my much maligned vape and proceeded to check the status of the SSL, which returned A-OK/hunky dory/totally-not-self-signed.

So what gives cPanel, I only have two or three nerves left before complete breakdown so do help me understand this warning message.

Please see these very revealing screenshots heretofore attached.
 

Attachments

  • Haha
Reactions: cPanelLauren

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
Hi @LibertyTalk

You're right, there shouldn't technically be anything wrong with that certificate. Is anything noted in cPanel>>Security>>SSL/TLS Status for the domain? Your profile indicates that you're a website owner, do you happen to have root access to this server?
 

LibertyTalk

Registered
Oct 15, 2019
2
1
3
Chicago
cPanel Access Level
Website Owner
Hi @LibertyTalk

You're right, there shouldn't technically be anything wrong with that certificate. Is anything noted in cPanel>>Security>>SSL/TLS Status for the domain? Your profile indicates that you're a website owner, do you happen to have root access to this server?
Hi Lauren, thank you for your timely reply. Indeed I do have root access to the server via WHM & SSH. As for notations in Security>>SSL/TLS nothing out of the ordinary outside of second level subdomains not being covered by wildcard SSL, i.e. www.cloud.libertytalk.fm, etc.
 

Attachments

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
Hi @LibertyTalk


Thank for that. It all checks out for the domain, I'm curious about one thing though. If you look at the documentation here: Connect to Web Disk with Third-Party Software - cPanel Knowledge Base - cPanel Documentation

For Windows it notes the following:

To connect to Microsoft® Windows operating systems (for example, Windows® 8 or Windows® 10), perform the following steps:

  1. In your preferred browser, navigate to https://example.com:2078, where example.com represents your server's hostname.
  2. In the Start menu, select My Network Places.
  3. Perform the appropriate actions for your system:
    • Other Windows operating systems — Click the icon for the domain that corresponds to the Web Disk account's domain.
    • Windows® XP Click Add a network place, click Next, select Choose another network location, and then follow the prompts to finish the configuration process.
While it's not entirely clear from that example, I believe this is referencing the hostname of the server (server.example.com) not the domain name (domain.com) and I'm wondering if this isn't looking at your domain's certificate at all but the hostname certificate. with that in mind, does the hostname resolve properly and does it have a valid certificate? This would specifically be a certificate installed at WHM>>Service Configuration>>Manage Service SSL Certificates for the Calendar, cPanel, WebDisk, Webmail, and WHM Services (if the hostname SSL isn't installed for the others you'd want to install for those too)
 

jndawson

Well-Known Member
Aug 27, 2014
284
31
78
Western US
cPanel Access Level
DataCenter Provider
This may or may not be related.

Getting the attached error when trying to connect with a new webdisk setup on a Win7 box. The login popup never happens. Tried with digest auth enabled and not enabled; same error.
webdisk_error.png
Settings are all the same as another webdisk on a different cpanel box. SSL is correct, ports are correct, everything is correct. Logs don't seem to show anything, unless we're looking in the wrong logs.

Going to URL as suggested above opens a browser window with login screen, and the directory appears in the browser window.
 

jndawson

Well-Known Member
Aug 27, 2014
284
31
78
Western US
cPanel Access Level
DataCenter Provider
What logs are you looking at @jndawson the cpdavd_error_log and cpdavd_session_log at /usr/local/cpanel/logs/ should provide some insight.
cpdavd_session_log:
Code:
[2020-04-08 12:17:46 -0700] info [cpdavd] 12.34.56.78 NEW _dav_:OEl1NReAACribU1B app=cpdavd - accepting connections on: 2077 2078,method=libexec/cpdavd.pl:libexec::cpdavd
cpdavd_error_log (no time stamps):
Code:
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 1104.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 1104.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
So, nothing that seems useful. Again, using the same Win7 box to connect with webdisk on another server works just fine.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
Yea that output isn't giving us anything, unfortunately.

When you attempt to connect is anything noted in the session log or /var/log/messages? Do you have a firewall on this server that could potentially be blocking access?
 

jndawson

Well-Known Member
Aug 27, 2014
284
31
78
Western US
cPanel Access Level
DataCenter Provider
Yea that output isn't giving us anything, unfortunately.

When you attempt to connect is anything noted in the session log or /var/log/messages? Do you have a firewall on this server that could potentially be blocking access?
No, nothing in ~/messages.
Nothing in cpanel access logs that I can see.
Firewall is managed by CSF and ports 2077 & 2078 are open. Only difference between the two servers is the functioning webdisk connects to a Centos 6.10 box, and the non-functioning (non)connects to a CL 7.7 box.