The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is it possible to share the cPanel self signed SSL?

Discussion in 'General Discussion' started by keyDet79, Dec 19, 2003.

  1. keyDet79

    keyDet79 Well-Known Member

    Joined:
    May 11, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Netherlands
    I have cpanel running with ssl and can log in with https://server.com:2087, so it should be possible to use shared ssl for the domain itself (server.com) I assume. Anyone know how?
     
  2. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    38
    You said you were using the certificate for server.com, and then you asked if you could use it for server.com? What are you asking?

    If you run a search, you should find more than a few posts dealing with the sharing of an SSL cert.

    In the event of a self-signed cert, your visitors are going to receive a security warning upon viewing your site.
     
  3. keyDet79

    keyDet79 Well-Known Member

    Joined:
    May 11, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Netherlands
  4. RaveKnights

    RaveKnights Well-Known Member

    Joined:
    Nov 5, 2003
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Some Where Out There!
    If you are talking about cpanel / whm self signed cert you can use it to enter your website via https:// like so

    https://your.fullhostname.com/~username

    username of any account that is on your server, this even includes your main account.

    try it out!
     
  5. keyDet79

    keyDet79 Well-Known Member

    Joined:
    May 11, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Netherlands
  6. TCSLEA

    TCSLEA Active Member

    Joined:
    Oct 29, 2003
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, T E X A S
    Is mod_userdir enabled? I think it has to be, in order to get to an account that way... log into WHM and go to "Tweak Security" then enable mod_userdir.
     
  7. keyDet79

    keyDet79 Well-Known Member

    Joined:
    May 11, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Netherlands
    Thanks but that didn't help.
     
  8. TCSLEA

    TCSLEA Active Member

    Joined:
    Oct 29, 2003
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, T E X A S
    I'm guessing that main.vibehosting.com is the hostname for your server, which hosts some virtual sites, among which is an account with the username "vibehost"...

    I'm thinking maybe your httpd.conf has something wrong if it's not working. Maybe you can post the contents of your httpd.conf file (may be located in /usr/local/apache/conf) starting with the line "NameVirtualHost" and whatever is below it... the part where it's defining your virtual sites. Specifically, I'd be looking for lines that begin with <IfDefine SSL>...

    I'm fairly new at this too, but maybe we will figure it out...
     
  9. keyDet79

    keyDet79 Well-Known Member

    Joined:
    May 11, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Netherlands
    Well I did a search for 'ssl' in it and these are the values I have:

    <IfDefine SSL>
    AddModule mod_ssl.c
    </IfDefine>

    <IfDefine SSL>
    Listen 80
    Listen 443
    </IfDefine>

    <IfDefine SSL>
    AddType application/x-x509-ca-cert .crt
    AddType application/x-pkcs7-crl .crl
    </IfDefine>

    <IfModule mod_ssl.c>
    SSLPassPhraseDialog builtin
    SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
    SSLSessionCacheTimeout 300
    SSLMutex file:/usr/local/apache/logs/ssl_mutex
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    SSLLog /usr/local/apache/logs/ssl_engine_log
    SSLLogLevel info
    </IfModule>
     
  10. TCSLEA

    TCSLEA Active Member

    Joined:
    Oct 29, 2003
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, T E X A S
    If those are the only sections dealing with SSL, I'd speculate something is missing... I would think you need a section to define the virutual host that the SSL certificate applies to...

    Something like this perhaps, but maybe not exactly like this :

    <IfDefine SSL>
    <VirtualHost 69.31.79.2:443>
    ServerAdmin admin@vibehosting.com
    DocumentRoot /home/vibehost/public_html
    <IfModule mod_userdir.c>
    UserDir enabled vibehost
    </IfModule>
    ServerName vibehosting.com
    CustomLog /usr/local/apache/domlogs/vibehost.com-ssl_log "%t %{version}c %{cipher}c %{clientcert}c"
    User vibehost
    Group vibehost
    <IfModule mod_php4.c>
    php_value open_basedir "/home/vibehost:/usr/lib/php:/usr/local/lib/php:/tmp:/var/tmp" <-- or something similar
    </IfModule>
    SSLEnable
    SSLCertificateFile /usr/share/ssl/certs/vibehost.com.crt
    SSLCertificateKeyFile /usr/share/ssl/private/vibehost.com.key
    SSLLogFile /var/log/vibehost.org
    UserDir public_html
    ScriptAlias /cgi-bin/ /home/vibehost/public_html/cgi-bin/
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    </VirtualHost>
    </IfDefine>
     
  11. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    The cPanel core system runs on it's own httpd server, which is not the same as the Apache server your customers use for their sites, and as a result, the certificate used for ports 2087/2083/2096 is not installed within the main Apache server by default. You are basically comparing apples to oranges here as they are two distinctly different entities.
     
  12. TCSLEA

    TCSLEA Active Member

    Joined:
    Oct 29, 2003
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, T E X A S
    In that case, does the cPanel core server use it's own httpd.conf? If so, where is that one?
     
  13. keyDet79

    keyDet79 Well-Known Member

    Joined:
    May 11, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Netherlands
    I got it working with TCSLEA's example btw, thanks.
     
Loading...

Share This Page