Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Install SSL without DNS propagating?

Discussion in 'Security' started by rinkleton, Oct 19, 2016.

Tags:
  1. rinkleton

    rinkleton Well-Known Member

    Joined:
    Jul 16, 2015
    Messages:
    97
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    Cleveland
    cPanel Access Level:
    Root Administrator
    Is it possible to install an SSL, preferably autossl, but any other kind could do, before DNS resolves?

    Scenario: We have secure sites we are migrating to another server. It would be great if we could have the SSL all set up when the DNS switchover happens. We can manually do some kind of domain validation like email or a DNS entry. But it looks like WHM does let you install an SSL if the DNS isn't resolved.
     
    #1 rinkleton, Oct 19, 2016
  2. cPLevey

    cPLevey Technical Analyst Supervisor Staff Member

    Joined:
    Dec 3, 2015
    Messages:
    44
    Likes Received:
    8
    Trophy Points:
    83
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hey there!

    cPanel's AutoSSL and SSL certificates from the cPanel Store (Market) require that the domain(s) resolve to a valid IP address for Domain Control Validation checks. However, I noticed in your scenario this is for migrating websites. As long as SSL certificates are installed on the cPanel server the accounts are being migrated from, the Transfer Tool should migrate the SSL certificates with them properly.

    More information regarding the Transfer Tool can be found in our documentation here: Transfer Tool
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPLevey, Oct 19, 2016
  3. rinkleton

    rinkleton Well-Known Member

    Joined:
    Jul 16, 2015
    Messages:
    97
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    Cleveland
    cPanel Access Level:
    Root Administrator
    After doing a test transfer the cert isn't listed in the store manager or in manage ssl hosts. However I can browse to it. So it seems like it transferred the cert but didn't apply it to the account? It seems like I would have to take some action after the DNS changes. I can test for sure later today.

    Out of curiosity, is it cPanel that is enforcing this Domain Control Validation or is this something out of cPanel's ability to change? The cert in question has already had domain verification done by the issuer, RapidSSL in this case. Just wondering why it needs done again?
     
    #3 rinkleton, Oct 20, 2016
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,390
    Likes Received:
    2,046
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    The domain control validation functionality only applies to the AutoSSL feature. Thus, if you purchased a certificate from RapidSSL, domain validation isn't required. The validation for cPanel-signed certificates is from Comodo. There's a thread here that explains the process:

    cPanel & WHM’s AutoSSL/SSL ordering process

    Let us know if you have any additional questions.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelMichael, Oct 25, 2016
  5. rinkleton

    rinkleton Well-Known Member

    Joined:
    Jul 16, 2015
    Messages:
    97
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    Cleveland
    cPanel Access Level:
    Root Administrator
    Got it. In this case there was something wrong with the root certs on this server not letting it install any SSL. We wiped it and started from scratch and seems to be working as you describe.
     
    #5 rinkleton, Oct 25, 2016
    cPanelMichael likes this.
(You must log in or sign up to post here.)
Loading...
Similar Threads - Install without propagating
  1. tomathlm

    AutoSSL Assigning LetsEncrypt cert without it being Installed

    tomathlm, Mar 7, 2019, in forum: Security
    Replies:
    1
    Views:
    429
    cPanelLauren
    Mar 8, 2019
  2. nivekau

    Install AutoSSL cert without disrupting live site?

    nivekau, Nov 4, 2018, in forum: Security
    Replies:
    7
    Views:
    200
    cPanelLauren
    Nov 7, 2018
  3. dezoin

    Wordpress installation in subdirectory vanished without reason

    dezoin, May 30, 2018, in forum: General Discussion
    Replies:
    6
    Views:
    238
    cPanelLauren
    May 30, 2018
  4. nitro76

    New Installation Nameservers Question

    nitro76, Mar 21, 2019 at 2:30 AM, in forum: Bind/DNS/Nameserver
    Replies:
    5
    Views:
    80
    cPanelMichael
    Mar 22, 2019 at 12:30 PM
  5. Costin Moraru

    Installation on CentOS7 with proxy error

    Costin Moraru, Mar 20, 2019 at 8:11 AM, in forum: General Discussion
    Replies:
    1
    Views:
    159
    cPanelLauren
    Mar 21, 2019 at 2:52 PM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice