The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Limit SSL for Clients

Discussion in 'Security' started by zlesavich, Aug 11, 2014.

  1. zlesavich

    zlesavich Member

    Joined:
    Aug 11, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I'm a little confused on the way this SSL/TLS manager works. Is there any way to limit that functionality for clients besides downright disabling it? I'd like clients to

    • View their SSL Certificates
    • POSSIBLY: Add and remove their own SSL Certificates.
    • Generate their own CSRs and Private Keys

    But I don't want them to

    • Generate their own certificates
    • Install certificates without a dedicated IP Address

    Is this even possible with cPanel?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    A self-signed certificate is automatically generated when a user generates a CSR/Key. It's not possible to prevent this through cPanel. Note that with SNI, it's acceptable to install SSL certificates on shared IP addresses. You would have to disable the SSL options in a feature list associated with packages for accounts without dedicated IP addresses if you wanted to restrict this option.

    Thank you.
     
  3. zlesavich

    zlesavich Member

    Joined:
    Aug 11, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    That's a shame. I hope cPanel adds some more control over this. Most of the time I'm installing REAL SSL certificates and it's a pain having to delete the self-generated one all the time.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You should not have to delete a self-signed certificate. Installing a new certificate will overwrite the existing one.

    Thank you.
     
  5. zlesavich

    zlesavich Member

    Joined:
    Aug 11, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I guess that helps a little, Thanks!!!
     
Loading...

Share This Page