philsward

Active Member
Jan 3, 2017
26
11
3
USA
cPanel Access Level
Website Owner
I migrated servers from CentOS6 -> CentOS7

My hosting company has left the old server running in case I run into issues

I deleted the 2fa for the old server, but now wish to inspect some settings between the new and old server

The suggested command produces:

status: 0
statusmsg: Cannot Read License File

So the license has been revoked from the old server, but now as a result I am unable to login to WHM. Suggestions?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
9,796
1,529
313
cPanel Access Level
Root Administrator
Hey there! Can you send me the full output of the following command?

/usr/local/cpanel/cpkeyclt

Just remove any sensitive/private data (IP addresses, domains, etc) and then I can get you more details on the best way to get this resolved.
 

philsward

Active Member
Jan 3, 2017
26
11
3
USA
cPanel Access Level
Website Owner
@cPRex

Code:
Updating cPanel license...Done. Update Failed!
Error message:
The cPanel license server said that a license could not be issued for your server (66).
For more information visit: http://www.cpanel.net/lic.html

The exact message was: The license is expired.
 
Last edited:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
9,796
1,529
313
cPanel Access Level
Root Administrator
Thanks for that information. If you go to this page and put your IP address into the form:


it will give you the license history there. If the license is indeed expired, you may just need to purchase a new one to get that activated. if you don't believe the license should be expired it would be best to contact our Customer Service team directly to have them check that: How do I contact cPanel Customer Service?
 

philsward

Active Member
Jan 3, 2017
26
11
3
USA
cPanel Access Level
Website Owner
No, it's probably expired. I "destroyed" that server container. It just so happens the hosting company has left it up and running in case the customer (me) needs to access it again. They'll take it offline after 30-60 days I'm guessing.

Point is, disabling 2FA shouldn't be tied to the license. That doesn't make sense as it literally locks someone out of the server. I can access it all day long through SSH, and I'm sure there's a config file where this can be switched off, but it doesn't look like that info has been exposed. Guess I could grep it ;-)
 

philsward

Active Member
Jan 3, 2017
26
11
3
USA
cPanel Access Level
Website Owner
In the previous thread (before it moved over here) the "suggested command" to disable 2FA is:

whmapi1 twofactorauth_disable_policy

When I use that command, I get the license error, thus whmapi1 is tied to the license, right?

I'm saying that if disabling 2FA through whmapi1, it should not check for the license in order to process the command.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
9,796
1,529
313
cPanel Access Level
Root Administrator
Thanks for the additional details. You're correct that whmapi1 itself does depend on the license to function, as the cPanel tools get suspended, so you wouldn't be able to use the API system with an expired license. If that were the case, users could still take advantage of cPanel tools even if the license was in a suspended state. So in this case, what you're experiencing is normal behavior for the server.
 

philsward

Active Member
Jan 3, 2017
26
11
3
USA
cPanel Access Level
Website Owner
@cPRex right and what I'm saying is that 2fa should not be a factor of the whmapi1 command. It should live outside of that, or at the very least, be an exception.

Point in case, if I wanted to login to WHM to re-add the license, I can't login to re-add the license. I honestly haven't ever added a license, so maybe there's other ways of getting it to work, but I'm just pointing out that locking 2fa to the license without having an exception in the whmapi1 to be able to disable 2fa, probably isn't a good idea.

>> If that were the case, users could still take advantage of cPanel tools ...
I guess this is where my knowledge of the license is lacking because I would think a person should at least be able to login to WHM to a reduced set of abilities.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
9,796
1,529
313
cPanel Access Level
Root Administrator
When a license is expired we've always completely locked the WHM access, including the API calls. The whmapi calls have always been included in those things that get the access locked. I do see your point though, so this might be a good feature request to get submitted to our team using the link in my signature.