The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Location & use of root's SSL cert ?

Discussion in 'Security' started by ottdev, Feb 24, 2016.

  1. ottdev

    ottdev Well-Known Member

    Joined:
    Oct 1, 2013
    Messages:
    63
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    In WHM under "Manage SSL certificates", our server-wide cert show up under Apache (alongside client certs) with good expiry date.
    But it also shows up under Root with an expired date.

    Where is this location for root's certs? And do I simply cp the newer one over to that location or is there a special way to "install" it in WHM so that it is recognized/configured in any settings?

    Also, what is root's cert used for? The services show the good expiry, and no errors are seen using email or web browser.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you verify if you are referring to "Manage Service SSL Certificates", or "Manage SSL Hosts"?

    Thank you.
     
  3. ottdev

    ottdev Well-Known Member

    Joined:
    Oct 1, 2013
    Messages:
    63
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    "Manage Service SSL Certificates"
    - the shared cert shows up fine there in the table of service - good expiry

    Just below the table is the "Browse Certificates" button - click that
    - Browse Root (automatically selected in the dropdown) - shows the shared cert, but with 2 year old date
    - Browse Apache - shows the good expiry date
     
  4. ottdev

    ottdev Well-Known Member

    Joined:
    Oct 1, 2013
    Messages:
    63
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    Is it merely a remnant of that previous year's installation and can be deleted?
    Or is it used for something and should be updated with the current year's cert?
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It's likely related to the previous self-signed certificate that's automatically generated for the server's hostname. You can safely ignore or delete the old certificate if it's no longer used by Apache or by a service.

    Thank you.
     
Loading...

Share This Page