Inconsistent Password Generator for CSR

thobarn

Well-Known Member
Apr 25, 2008
152
1
68
sanctum sanctorum
cPanel 11.25.0-R46156 - WHM 11.25.0

Under Main >> SSL/TLS >> Generate a SSL Certificate and Signing Request there is a password generator. This generator behaves inconsistently in multiple ways:

(Uppercase, Lowercase and Numbers selected throughout)

  • This generator never generates a password that will result in green Password Strength bar, (though it is possible to get a green bar on the form occasionally by manually entering a password).
  • Entering, say 15, into Password Length and repeatedly pressing Regenerate, will generate passwords with the apparent strength values cycling between 60/100 (red) to 90/100 (yellow).
  • Two passwords are generated, with values 8 and 24 respectively in the Password Length field. According to the indicator, password 3Ms2NLw2 is very strong (90/100) whereas password YuJYrgPnkvZgljefMiMaugzZ is OK (60/100). This is because no numbers are included in latter although it is selected in options. The problem is there with other combinations of checkboxes too, i.e. selected option does not appear in the generated password sometime.

FYI

Edited to add. Also, CSR request fails if a password longer than 20 characters is given, (though there is no warning and happily accepted and processed by the generator) until one presses Create and the form is processed server side. By then the values entered are lost and one must re-enter everything :(
 
Last edited:

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,607
79
458
cPanel Access Level
Root Administrator
That password generator is replaced in 11.25.1 and no longer has the flaws mentioned.