cPanel Webdisk Reports SSL is Invalid or Self-Signed, Which is Totally Not True

[LibertyTalk]

Hola whilst attempting to drive myself insane today configuring Windows machines for use with webdisk, I was shocked to read upon logging into the company's cPanel that when clicking on 'configure client access' a warning appears stating our SSL is "invalid or self-signed." Oh the humanity!

Partly nauseated from such a blow to my IT guts, I promptly guzzled down my piping hot coffee, took a long slow drag from my much maligned vape and proceeded to check the status of the SSL, which returned A-OK/hunky dory/totally-not-self-signed.

So what gives cPanel, I only have two or three nerves left before complete breakdown so do help me understand this warning message.

Please see these very revealing screenshots heretofore attached.

 

[cPanelLauren]

Hi @LibertyTalk

You're right, there shouldn't technically be anything wrong with that certificate. Is anything noted in cPanel>>Security>>SSL/TLS Status for the domain? Your profile indicates that you're a website owner, do you happen to have root access to this server?

 

[LibertyTalk]

Hi @LibertyTalk

You're right, there shouldn't technically be anything wrong with that certificate. Is anything noted in cPanel>>Security>>SSL/TLS Status for the domain? Your profile indicates that you're a website owner, do you happen to have root access to this server?

Hi Lauren, thank you for your timely reply. Indeed I do have root access to the server via WHM & SSH. As for notations in Security>>SSL/TLS nothing out of the ordinary outside of second level subdomains not being covered by wildcard SSL, i.e. www.cloud.libertytalk.fm, etc.

 

[cPanelLauren]

Hi @LibertyTalk


Thank for that. It all checks out for the domain, I'm curious about one thing though. If you look at the documentation here: Connect to Web Disk with Third-Party Software - cPanel Knowledge Base - cPanel Documentation

For Windows it notes the following:

To connect to Microsoft® Windows operating systems (for example, Windows® 8 or Windows® 10), perform the following steps:

1. In your preferred browser, navigate to https://example.com:2078, where example.com represents your server's hostname.
2. In the Start menu, select My Network Places.
3. Perform the appropriate actions for your system:
   • Other Windows operating systems — Click the icon for the domain that corresponds to the Web Disk account's domain.
   • Windows® XP — Click Add a network place, click Next, select Choose another network location, and then follow the prompts to finish the configuration process.

While it's not entirely clear from that example, I believe this is referencing the hostname of the server (server.example.com) not the domain name (domain.com) and I'm wondering if this isn't looking at your domain's certificate at all but the hostname certificate. with that in mind, does the hostname resolve properly and does it have a valid certificate? This would specifically be a certificate installed at WHM>>Service Configuration>>Manage Service SSL Certificates for the Calendar, cPanel, WebDisk, Webmail, and WHM Services (if the hostname SSL isn't installed for the others you'd want to install for those too)

 

[jndawson]

This may or may not be related.

Getting the attached error when trying to connect with a new webdisk setup on a Win7 box. The login popup never happens. Tried with digest auth enabled and not enabled; same error.

Settings are all the same as another webdisk on a different cpanel box. SSL is correct, ports are correct, everything is correct. Logs don't seem to show anything, unless we're looking in the wrong logs.

Going to URL as suggested above opens a browser window with login screen, and the directory appears in the browser window.

 

[cPanelLauren]

What logs are you looking at @jndawson the cpdavd_error_log and cpdavd_session_log at /usr/local/cpanel/logs/ should provide some insight.

 

[jndawson]

What logs are you looking at @jndawson the cpdavd_error_log and cpdavd_session_log at /usr/local/cpanel/logs/ should provide some insight.

cpdavd_session_log:

[2020-04-08 12:17:46 -0700] info [cpdavd] 12.34.56.78 NEW _dav_:OEl1NReAACribU1B app=cpdavd - accepting connections on: 2077 2078,method=libexec/cpdavd.pl:libexec::cpdavd

cpdavd_error_log (no time stamps):

Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 1104.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 1104.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 750.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.
Use of uninitialized value in numeric eq (==) at libexec/cpdavd.pl line 928.

So, nothing that seems useful. Again, using the same Win7 box to connect with webdisk on another server works just fine.

 

[cPanelLauren]

Yea that output isn't giving us anything, unfortunately.

When you attempt to connect is anything noted in the session log or /var/log/messages? Do you have a firewall on this server that could potentially be blocking access?

 

[jndawson]

Yea that output isn't giving us anything, unfortunately.

When you attempt to connect is anything noted in the session log or /var/log/messages? Do you have a firewall on this server that could potentially be blocking access?

No, nothing in ~/messages.
Nothing in cpanel access logs that I can see.
Firewall is managed by CSF and ports 2077 & 2078 are open. Only difference between the two servers is the functioning webdisk connects to a Centos 6.10 box, and the non-functioning (non)connects to a CL 7.7 box.