How to stop users creating CSR's?

[GordonH]

I thought that cpanel would only allow this if the domain was on a unique IP address.
It appears that this is not the case.
I now need to prevent customers creating CSR's or installing certificates themselves because they buy certs for domain.com when they meant www.domain.com and then blame us and ask us to buy the replacement cert.

I could edit the skins but with 100+ servers thats not a realistic option.

Any ideas that work?

 

[Manuel_accu]

Hi,

There is option in WHM -> tweak setting -> in "System" headers --> "Allow cPanel users to install SSL Hosts if they have a dedicated ip."
please uncheck it

 

[GordonH]

Unfortunately that does not work.
Our servers are already set like that and nobody has a unique IP but you can still generate a CSR in cpanel and take it to get a certificate.

 

[ffeingol]

Edit the default feature list and uncheck "SSL Manager"?

That appears to do the trick for us and no-one but "us" has access to SSL manager.

Frank

 

[Manuel_accu]

Hi,

Go to WHM Feature Manager - Edit your default set of feaure manager and uncheck the below mentinoed Item and save it:

SSL Host Installer
SSL Manager


Thanks,

Mitul S.

 

[GordonH]

Thanks
I have done that now on all the servers.

To speed up the process I just went to this URL for each server:

http://[servername]:2086/scripts2/dofeaturemanager?action=editfeature&feature=default