installing whm ssl certificate issue

SubZero

Well-Known Member
Apr 21, 2005
100
0
166
Balmumcu, Istanbul, TR
Today my ssl certificate expired and I want to renew it. got the new crt file from the cacert.org and entered http://host.abcdef.com:2086/scripts2/installcpsslhtml and pasted in my key, domain (host.abcdef.com), crt file. I clicked on Do it button and this is what I get:
Results of your request said:
Install SSL Certificates for Application:
Attempting to verify your certificate.....
Cerificate verification passed!

Verifcation Result [/CN=host.abcdef.com]
Restarting SSL Support..

Certificate has been installed!
now... I close and re-open the browser and enter the https://host.abcdef.com:2087/ it shows me my old ssl crt file is outdated...

anyone came up with a similar issue?
 
Last edited:

Zpeed

Member
Mar 4, 2004
7
0
151
I have exactly the same problem. Been looking everywhere on the server for old info (made sure for example that both /etc/ssl and /usr/share/ssl contain the right stuff). Can't find anything usefull, the only subsystem I managed to update is Exim. CPanel, CPPOP and IMAP all use the old cert. Even after restarting with /etc/inid./cpanel4 start.

I'm starting to think there is a bug somewhere, since this has always worked fine for me!

Found the solution, it's the stunnel bug that's causing this. See

this thread
 
Last edited:

Zpeed

Member
Mar 4, 2004
7
0
151
SubZero said:
have you posted a bug report yet?
Someone else already did, #4164.
Hope they fix it, it might be an annoying small bug for people that do something with their SSL cert.

/Robin
 

borealphil

Member
Oct 21, 2005
13
0
151
cert expired

I had the same problem this morning... The WHM server certificate is expired. I used the "Reset Server Certificates" from WHM but iit did not worked, certificate still expired. Restarted cpanel without succes. Here's what worked for me after a "Reset Server Certificates":
/usr/local/cpanel/etc/init/stopstunnel
/usr/local/cpanel/etc/init/startstunnel

It seems that when reseting the server certificate, stunnel has not been restarted properly.

Good luck!
Phil
 

t9clkclnr

Well-Known Member
Jun 11, 2004
254
0
166
Southern California
stunnel restart did not work for me

however, i did notice that https without the port uses the new cert, but when access the url with a port, it reverts back to the old cert.

strange to me.
 

ffeingol

Well-Known Member
PartnerNOC
Nov 9, 2001
715
280
363
cPanel Access Level
DataCenter Provider
We had the same problem. From a shell prompt kill stunnel. The run service cpanel restart. For some reason (can't remember which script has it wrong) stunnel is not getting killed (and therefore not restarted) so your new cert does not get picked up.

Frank
 

innsites

Well-Known Member
Nov 30, 2005
57
0
156
Yes, Fixed! cert renewed but cpanel says expired.

/usr/local/cpanel/etc/init/stopstunnel
/usr/local/cpanel/etc/init/startstunnel

did not work alone

but then service cpanel restart

and VOILA! Success.

Excellent thread.