Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Issue with ManageSSL for hostname

Discussion in 'Security' started by Routes, Feb 16, 2018.

  1. Routes

    Routes Member

    Joined:
    Aug 5, 2016
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Austria
    cPanel Access Level:
    Root Administrator
    Hi,

    I don't know exactly since which update this is but in the ManageSSL hosts section I have two entries now (both are for the machine name aka hostname) which point to /var/www/html where there is nothing (except cpanel own error pages and things like that). But as far as I can remember some time ago everything was "green" there. Please see screenshot. 2018-02-16 23_28_32-WHM [ms1] Manage SSL Hosts - 68.0.29.jpg

    What's up with that?

    Thanks
     
  2. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    779
    Likes Received:
    274
    Trophy Points:
    113
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    I am seeing exactly the same (v68.0.29) with the same duplication, and same expiry dates.

    Checking the certificates actually installed for the hostname show that the certificate issued by cPanel, Inc is valid until 01/09/2019 and it is correctly installed on all the Services.

    (Incidentally, my certificates were set up by a cPanel support engineer during a paid telephone support session - so it wasn't something I have done incorrectly)

    Rather looks like this may be a bug.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Routes

    Routes Member

    Joined:
    Aug 5, 2016
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Austria
    cPanel Access Level:
    Root Administrator
    Yes it seems definitely as a bug because my certs are also valid, and I did not let them install by anyone, at least I did nothing at all. It is also v68.0.29 and my server is running since a year without any cert issues. The only difference to the main certs I see is that the key for the hostname has 128 bit SSL instead of 256 bit like the domain SSLs. And when you hover over the red locks that are open you get to read "A key that does not provide at least 2048-bit encryption does not provide adequate security".

    So this should be filed as a bug and be fixed by cPanel!
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    This is fixed in cPanel version 70 with the following case:

    Fixed case CPANEL-17902: EA3: Ensure the 'default SSL' vhost is bound to all of the shared IPs.
    Fixed case CPANEL-17902: WHM: Do not display the 'default SSL' on the Manage SSL Hosts interface.


    You can safely ignore that listing until your server is updated to cPanel version 70 (it's currently only available in the Current and Edge build tiers).

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Routes

    Routes Member

    Joined:
    Aug 5, 2016
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Austria
    cPanel Access Level:
    Root Administrator
    Ok thanks
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice