The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problem with SSL cert installation

Discussion in 'General Discussion' started by InteractM, Apr 26, 2016.

  1. InteractM

    InteractM Well-Known Member

    Joined:
    Apr 2, 2013
    Messages:
    133
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I have received from one cPanel user a SSL cert which I have tried to install and came with an error:

    Certificate verification failed! The system did not find the Certificate Authority Bundle that matches this certificate. Contact “Corporation Service Company” to obtain the Certificate Authority Bundle for “Trusted Secure Certificate Authority 5”.​

    Then the user provided CA cert but installing with it I'm getting that error message:

    Verification Result [ stdin: C = US, ST = DE, L = Wilmington, O = Corporation Service Company, CN = Trusted Secure Certificate Authority 5 error 20 at 0 depth lookup:unable to get local issuer certificate ]​

    Any clue what is going on? I never had any issues so far with SSL cert issues by RapidSSL, GeoTrust, VeriSign or Commodo.

    Thanks
     
    #1 InteractM, Apr 26, 2016
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    35,630
    Likes Received:
    1,138
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    Please post the output from the following command:

    Code:
    grep '' /etc/redhat-release /usr/local/cpanel/version /var/cpanel/envtype
    Also, please let us know if you are installing the certificate via cPanel or Web Host Manager, the URL where you are obtaining the CABundle from, and if you are entering the CABundle manually or allowing it to automatically populate in the interface.

    Thank you.
     
    #2 cPanelMichael, Apr 26, 2016
  3. InteractM

    InteractM Well-Known Member

    Joined:
    Apr 2, 2013
    Messages:
    133
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    /etc/redhat-release:CentOS release 6.7 (Final)
    /usr/local/cpanel/version:11.54.0.21
    /var/cpanel/envtype:standard

    SSL cert was uploaded via cPanel but cPanel user wasn't able to activate it so I have tried to install it (activate) via WHM but I have got the same errors.

    CA is not autopopulating after CRT selection (first error message) then when I will copy&paste TrustedSecureCertificateAuthority5.crt it throws second error message. All done again via WHM

    Based on cPanel user SSL cert was obtained from Comodo.

    Thanks
     
    #3 InteractM, Apr 26, 2016
  4. Carl Spooner

    Carl Spooner Registered

    Joined:
    Apr 28, 2016
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    I have 3 servers with cPanel and received this new SSL too for each of them and with the update of WHM 56.0 and got the same errors.
     
    #4 Carl Spooner, Apr 28, 2016
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    35,630
    Likes Received:
    1,138
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Could anyone experiencing this issue open a support ticket using the link in my signature so we can take a closer look? Please reference internal case CPANEL-1454, so we can verify if the issue is associated with that case. Also, post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
    #5 cPanelMichael, Apr 29, 2016
  6. sylvainf

    sylvainf Registered

    Joined:
    Aug 14, 2016
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Paris
    cPanel Access Level:
    Root Administrator
    hello,
    i'm facing the same issue.

    the domain, IP and KEY all automatically filled in, but not the CA Bundle.

    i copy and paste the CA Bundle , then i have this issue

    system informations:

    /etc/redhat-release:CentOS release 6.8 (Final)
    /usr/local/cpanel/version:11.58.0.19
    /var/cpanel/envtype:virtuozzo

    here is error log

    Code:
    tail -fn0 /usr/local/cpanel/logs/error_log
-----------------------------------------------------
==> cpsrvd 11.58.0.19 started
==> cpsrvd: loading security policy....Done
==> cpsrvd: Setting up SSL support ... Done
==> cpsrvd: transferred port bindings
==> cpsrvd: bound to ports
[2016-08-14 09:07:02 +0200] warn [ssl] Certificate bundle verification failed!

Verification Result [ stdin: DC = ng, DC = com, DC = AAA, CN = AAA-BBBBBB-CA
error 20 at 0 depth lookup:unable to get local issuer certificate
]
at bin/admin/Cpanel/ssl.pl line 177.
        bin::ssladmin::perform_add(__CPANEL_HIDDEN__, __CPANEL_HIDDEN__) called at /usr/local/cpanel/Cpanel/AdminBin/Script/Legacy.pm line 124
        Cpanel::AdminBin::Script::Legacy::script("Cpanel::AdminBin::Script::Legacy", HASH(0x11c2ee0), 506) called at /usr/local/cpanel/Cpanel/AdminBin/Script/Legacy.pm line 26
        eval {...} called at /usr/local/cpanel/Cpanel/AdminBin/Script/Legacy.pm line 26
        Cpanel::AdminBin::Script::Legacy::run_adminbin("bin::ssladmin", HASH(0x11c2ee0)) called at bin/admin/Cpanel/ssl.pl line 73
[2016-08-14 09:07:02 +0200] warn [uapi] Cpanel::Wrap::send_cpwrapd_request The adminbin “ssl” in the “Cpanel” namespace call to function “ADD” ended prematurely: The subprocess reported error number 5 when it ended.: namespace=[Cpanel] module=[ssl] function=[ADD]: raw_response=[{"mode":"full","data":{"action":"install","status":0,"html":"Certificate bundle verification failed!\n\nVerification Result [ stdin: DC = ng, DC = com, DC = AAA, CN = AAA-BBBBBB-CA\nerror 20 at 0 depth lookup:unable to get local issuer certificate\n]\n","statusmsg":"Certificate bundle verification failed!\n\nVerification Result [ stdin: DC = ng, DC = com, DC = AAA, CN = AAA-BBBBBB-CA\nerror 20 at 0 depth lookup:unable to get local issuer certificate\n]\n","message":"Certificate bundle verification failed!\n\nVerification Result [ stdin: DC = ng, DC = com, DC = AAA, CN = AAA-BBBBBB-CA\nerror 20 at 0 depth lookup:unable to get local issuer certificate\n]\n"},"exit_code":1280,"action":"fetch","error":1,"version":"2.4","statusmsg":"The adminbin “ssl” in the “Cpanel” namespace call to function “ADD” ended prematurely: The subprocess reported error number 5 when it ended.","status":1,"timeout":0}] at /usr/local/cpanel/Cpanel/Wrap.pm line 115, <$socket> line 1.
        Cpanel::Wrap::send_cpwrapd_request("action", "fetch", "no_cperror", 1, "namespace", "Cpanel", "data", HASH(0x18c7590), "module", ...) called at /usr/local/cpanel/Cpanel/Wrap.pm line 55
        Cpanel::Wrap::send_cpwrapd_request_no_cperror("namespace", "Cpanel", "module", "ssl", "function", "ADD", "data", HASH(0x18c7590), "action", ...) called at /usr/local/cpanel/Cpanel/AdminBin.pm line 251
        Cpanel::AdminBin::_adminfetch("module", "ssl", "function", "ADD", "format", "storable", "cache_check_files", "", "cache", ...) called at /usr/local/cpanel/Cpanel/AdminBin.pm line 177
        Cpanel::AdminBin::fetch_adminbin_nocache_with_status("ssl", undef, "ADD", "storable", HASH(0x18c7590)) called at /usr/local/cpanel/Cpanel/API/SSL.pm line 1719
        Cpanel::API::SSL::_install("example.com", "www_example_com_aa97a_e2cf9_1533304026_1eff21b92361589b26ff1a0"..., "aa97a_e2cf9_9d3c4438b647dab7d21f0f42f0dcc106", "-----BEGIN CERTIFICATE-----\x{a}MIIFcTCCBFmgAwIBAgIKean8VwACABwmD"..., Cpanel::Result=HASH(0x41e4d80), 1) called at /usr/local/cpanel/Cpanel/API/SSL.pm line 1319
        Cpanel::API::SSL::install_ssl(Cpanel::Args=HASH(0x49d29d0), Cpanel::Result=HASH(0x41e4d80)) called at /usr/local/cpanel/Cpanel/API.pm line 285
        Cpanel::API::__ANON__() called at /usr/local/cpanel/Cpanel/API.pm line 357
        eval {...} called at /usr/local/cpanel/Cpanel/API.pm line 357
        Cpanel::API::_eval_guard(Cpanel::Result=HASH(0x41e4d80), CODE(0x49d2b98)) called at /usr/local/cpanel/Cpanel/API.pm line 285
        Cpanel::API::_run_module_function(Cpanel::Args=HASH(0x49d29d0), Cpanel::Result=HASH(0x41e4d80), "SSL", "install_ssl") called at /usr/local/cpanel/Cpanel/API.pm line 142
        Cpanel::API::execute("SSL", "install_ssl", HASH(0x421e0c8)) called at /usr/local/cpanel/Cpanel/API.pm line 548
        Cpanel::API::run_api_mode(HASH(0x421e0c8)) called at uapi.pl line 270
        main::script() called at uapi.pl line 83
[2016-08-14 09:07:02 +0200] warn [uapi] Cpanel::Wrap::send_cpwrapd_request error: namespace=[Cpanel] module=[ssl] function=[ADD]: statusmsg=[The adminbin “ssl” in the “Cpanel” namespace call to function “ADD” ended prematurely: The subprocess reported error number 5 when it ended.] at /usr/local/cpanel/Cpanel/Wrap.pm line 124, <$socket> line 1.
        Cpanel::Wrap::send_cpwrapd_request("action", "fetch", "no_cperror", 1, "namespace", "Cpanel", "data", HASH(0x18c7590), "module", ...) called at /usr/local/cpanel/Cpanel/Wrap.pm line 55
        Cpanel::Wrap::send_cpwrapd_request_no_cperror("namespace", "Cpanel", "module", "ssl", "function", "ADD", "data", HASH(0x18c7590), "action", ...) called at /usr/local/cpanel/Cpanel/AdminBin.pm line 251
        Cpanel::AdminBin::_adminfetch("module", "ssl", "function", "ADD", "format", "storable", "cache_check_files", "", "cache", ...) called at /usr/local/cpanel/Cpanel/AdminBin.pm line 177
        Cpanel::AdminBin::fetch_adminbin_nocache_with_status("ssl", undef, "ADD", "storable", HASH(0x18c7590)) called at /usr/local/cpanel/Cpanel/API/SSL.pm line 1719
        Cpanel::API::SSL::_install("example.com", "www_example_com_aa97a_e2cf9_1533304026_1eff21b92361589b26ff1a0"..., "aa97a_e2cf9_9d3c4438b647dab7d21f0f42f0dcc106", "-----BEGIN CERTIFICATE-----\x{a}MIIFcTCCBFmgAwIBAgIKean8VwACABwmD"..., Cpanel::Result=HASH(0x41e4d80), 1) called at /usr/local/cpanel/Cpanel/API/SSL.pm line 1319
        Cpanel::API::SSL::install_ssl(Cpanel::Args=HASH(0x49d29d0), Cpanel::Result=HASH(0x41e4d80)) called at /usr/local/cpanel/Cpanel/API.pm line 285
        Cpanel::API::__ANON__() called at /usr/local/cpanel/Cpanel/API.pm line 357
        eval {...} called at /usr/local/cpanel/Cpanel/API.pm line 357
        Cpanel::API::_eval_guard(Cpanel::Result=HASH(0x41e4d80), CODE(0x49d2b98)) called at /usr/local/cpanel/Cpanel/API.pm line 285
        Cpanel::API::_run_module_function(Cpanel::Args=HASH(0x49d29d0), Cpanel::Result=HASH(0x41e4d80), "SSL", "install_ssl") called at /usr/local/cpanel/Cpanel/API.pm line 142
        Cpanel::API::execute("SSL", "install_ssl", HASH(0x421e0c8)) called at /usr/local/cpanel/Cpanel/API.pm line 548
        Cpanel::API::run_api_mode(HASH(0x421e0c8)) called at uapi.pl line 270
        main::script() called at uapi.pl line 83
    -----------------------------------------------------

    Could anyone help please?
    thanks very much
     
    #6 sylvainf, Aug 14, 2016
    Last edited by a moderator: Aug 14, 2016
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    35,630
    Likes Received:
    1,138
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
    #7 cPanelMichael, Aug 22, 2016
(You must log in or sign up to post here.)
Loading...
Similar Threads - Problem cert installation
  1. techman141102

    Problems with certificate

    techman141102, Jun 13, 2017, in forum: Security
    Replies:
    7
    Views:
    94
    cPanelMichael
    Jun 19, 2017
  2. pronesco

    Error: cURL error 77: Problem with the SSL CA cert (path? access rights?)

    pronesco, Jun 13, 2017, in forum: General Discussion
    Replies:
    3
    Views:
    58
    cPanelMichael
    Jun 14, 2017
  3. Nirjonadda

    SOLVED AutoSSL Certificate problem

    Nirjonadda, May 12, 2017, in forum: Security
    Replies:
    8
    Views:
    279
    cPanelMichael
    Jun 23, 2017 at 8:27 AM
  4. Spork Schivago

    Problems with manual SSL certs and cPanel

    Spork Schivago, Apr 19, 2017, in forum: Security
    Replies:
    8
    Views:
    233
    Spork Schivago
    May 22, 2017
  5. cmonego

    Problem Replacing Expired SSL Cert in EXIM (via WHM)

    cmonego, Mar 28, 2017, in forum: General Discussion
    Replies:
    5
    Views:
    197
    cPanelMichael
    Mar 28, 2017

Share This Page