Is there a way to disable the SSL login into /webmail or /cpanel

[m0rpheu5]

Hello guys, i already tried to disable the "Always redirect to SSL" on Tweak Settings but not works, still appearing the message that there is a problem on my certificate, how can o fix this?

Is there any kind of SSL certificate that i can use in /webmail, /cpanel and /whm, or i need to buy many SSL certificates?

Where can i find this certificates for a good price?

Thanks

 

[cPanelTristan]

The certificate warning will still occur on https pages as that warning does not have to do with a redirection to SSL but whenever you hit cPanel or WHM using https if the SSL certificate is a self-signed certificate.

If you want to no longer have an untrusted warning, you would need to purchase a certificate from an SSL provider, then install that certificate using WHM > Manage Service SSL Certificates area. The certificate would need to be generated in WHM > SSL/TLS > Generate a SSL Certificate and Signing Request area for the server's hostname, then the CSR generated would be used with the SSL provider to purchase an SSL certificate.

 

[Infopro]

Hello guys, i already tried to disable the "Always redirect to SSL" on Tweak Settings but not works, still appearing the message that there is a problem on my certificate, how can o fix this?

Is there any kind of SSL certificate that i can use in /webmail, /cpanel and /whm, or i need to buy many SSL certificates?

Where can i find this certificates for a good price?

Thanks

You can use the server SSL if you like. If you need your customer to see /https://hisdomain.com:2087 then yes sure you'll need to purchase a cert for the domain. But, if you just want to be sure all connections for webmail and cpanel are on secure ports, you can do that with what you have right now.

Force users to use SSL and redirect to /https://your.hostname.com Once there they'll need to install that cert in browser, or add the exception for the server. In doing so you are on the proper domain for the cert and the cert is valid for that hostname.

 

[m0rpheu5]

Ok, i got a SSL Cert, and i already installed, but i got one problem, some days ago i was using Pl*sk control panel, and the access to webmail was by http://webmail.domain.com, and if i try to access the http://webmail.domain.com this URL isn´t redirect to my SSL hostname to access webmail, but if i try to access http://www.domain.com/webmail the URL redirect to my SSL hostname and i get SSL worked.

How can i fix to ALL my client´s that try to access webmail.domain works with ssl or redirect to my SSL hostname?

Thanks

 

[m0rpheu5]

how can i redirect ALL webmail.myclientsdomain to https://myhostname:2096/horde/index.php if i do that will work fine.

Thanks

 

[Infopro]

Try this:

WHM > Server Configuration > Tweak Settings > Redirection tab:

Always Redirect to SSL On

Non-SSL redirect destination Hostname

SSL redirect destination SSL Certificate Name

WHM > Server Configuration > Tweak Settings > Security tab:

Require SSL On

Explain to your users that they should use domain.com/webmail/ and domain.com/cpanel/ as they are easy to remember. Using them will forward all users to the secure port. Once they arrive at the hostname.yourserver.com URL, they'll want to install the certificate into the browser. (I'll assume you know how to do this to explain to them)

About going directly to horde, you can't get there directly, you come to a webmail options page where you can select your favorite email client offered by cPanel. (Horde, Roundcube, Squirrelmail) If more than one is made available to your users. You can set a timer though to take you right in and skip that window. But right in is another click still.


HTH!

 

[gkgcpanel]

Here's a problem with the above scenario...

We have a customer that is pointing his A record for his website somewhere else. Only his email is here on our servers. So they have to go to webmail.domainname.tld to log onto webmail. They don't want an SSL cert. We require the SSL login, but to let you know I also disabled that to test a theory and it still requires SSL Login (even with that option turned off in Tweak Settings).

The work around I came up with just now, was to create a subdomain called webmail2 and then managed redirection to our main server which has an SSL cert on it.

Just letting you know that disabling the SSL Requirement for cpanel and webmail does not work. I'm still asked to log on securely.

 

[nmavra]

Just letting you know that disabling the SSL Requirement for cpanel and webmail does not work. I'm still asked to log on securely.

Any updates about this?
This is still a serious issue. I don't want to force my customers to ignore certificate errors when they just want to check their webmail...

 

[storminternet]

Hello,

At which URL your customer is accessing webmail. You will receive ssl warnings while accesssing webmail at secure port if there is no valid ssl certificate installed on hostname or domain name

 

[feldon27]

Hello guys, i already tried to disable the "Always redirect to SSL" on Tweak Settings but not works, still appearing the message that there is a problem on my certificate, how can o fix this?

Just letting you know that disabling the SSL Requirement for cpanel and webmail does not work. I'm still asked to log on securely.

Even though I have "Always redirect to SSL" set to Off, all of these:

http://cpanel.mywebsite.com
http://mywebsite.com/cpanel
http://mywebsite.com:2082

redirect to:

https://mywebsite.com:2083/

I have a user who is unable to connect to SSL through a different port like this. They need just plain http://cpanel.mywebsite.com/ to work.

 

[feldon27]

Found the solution. Edit /var/cpanel/cpanel.config directly. Set requiressl=0.

Turn off ssl cPanel redirection » Linux Shtuff

Then you'll need to restart the cpanel daemon. You can do this with a commandline, or just go into Tweak Settings and go to an inconsequential tab and click Save.