The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Glitch in Cpanel? SSL Install, chained ssl

Discussion in 'General Discussion' started by bmcpanel, Jul 18, 2006.

  1. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    16
    WHM 10.8.0 cPanel 10.8.2-E291
    RedHat Enterprise 4 i686 - WHM X v3.1.0

    A client purchased an SSL cert from GoDaddy... the $29.99 one that is chained. Anyway, I installed it with the CA Bundle, and everything points correctly where it is supposed to (I've done this a hundred times), but the little message pops up when you view the site saying the CA (cert authority is untrusted).

    Now, I reinstalled the cert and I noticed the following on the readout. Noticed the red text item.

    Attempting to verify your certificate..... Cerificate verification passed!
    Verifcation Result [/C=us/ST=illinois/L=chicago/O=mass storage/OU=sales/CN=www.sanitized.com/emailAddress=mycustomer@aol.net error 18 at 0 depth lookup:self signed certificate OK]



    Did you notice? "Self signed certificate OK? WTF? This is not a self-signed cert!!
    IS THIS A GLITCH IN CPANEL? This is the $29.99 chained ssl cert from godaddy. I've been trying to get this right all day. I am convinced the problem is not me and not my install. SOmething else must be going on here.

    This is what the ssl section for the domain in httpd.conf looks like.

    SSLEnable
    SSLCertificateFile /usr/share/ssl/certs/www.somedomain.com.crt
    SSLCertificateKeyFile /usr/share/ssl/private/www.somedomain.com.key
    SSLCACertificateFile /usr/share/ssl/certs/www.somedomain.com.cabundle
    SSLLogFile /usr/local/apache/domlogs/www.somedomain.com-ssl_data_log
     
  2. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    16
    The strangest thing, but this customer did send me a self-signed certificate. He doesn't know how it happened. I don't know how it happened. But the cert was self-signed and therefore, the popup window stating the CA is not trusted will always be there on a self-signed cert.
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I'd guess that he sent you the cert he got when the was CSR was generated in confusion rather than the real one from the CA.
     
Loading...

Share This Page