The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Inconsistent Password Generator for CSR

Discussion in 'General Discussion' started by thobarn, Jul 28, 2010.

  1. thobarn

    thobarn Well-Known Member

    Apr 25, 2008
    Likes Received:
    Trophy Points:
    sanctum sanctorum
    cPanel 11.25.0-R46156 - WHM 11.25.0

    Under Main >> SSL/TLS >> Generate a SSL Certificate and Signing Request there is a password generator. This generator behaves inconsistently in multiple ways:

    (Uppercase, Lowercase and Numbers selected throughout)

    • This generator never generates a password that will result in green Password Strength bar, (though it is possible to get a green bar on the form occasionally by manually entering a password).
    • Entering, say 15, into Password Length and repeatedly pressing Regenerate, will generate passwords with the apparent strength values cycling between 60/100 (red) to 90/100 (yellow).
    • Two passwords are generated, with values 8 and 24 respectively in the Password Length field. According to the indicator, password 3Ms2NLw2 is very strong (90/100) whereas password YuJYrgPnkvZgljefMiMaugzZ is OK (60/100). This is because no numbers are included in latter although it is selected in options. The problem is there with other combinations of checkboxes too, i.e. selected option does not appear in the generated password sometime.


    Edited to add. Also, CSR request fails if a password longer than 20 characters is given, (though there is no warning and happily accepted and processed by the generator) until one presses Create and the form is processed server side. By then the values entered are lost and one must re-enter everything :(
    #1 thobarn, Jul 28, 2010
    Last edited: Jul 28, 2010
  2. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Apr 7, 2006
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    That password generator is replaced in 11.25.1 and no longer has the flaws mentioned.

Share This Page