The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problem with SSL cert installation

Discussion in 'General Discussion' started by InteractM, Apr 26, 2016.

  1. InteractM

    InteractM Well-Known Member

    Joined:
    Apr 2, 2013
    Messages:
    133
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I have received from one cPanel user a SSL cert which I have tried to install and came with an error:

    Certificate verification failed! The system did not find the Certificate Authority Bundle that matches this certificate. Contact “Corporation Service Company” to obtain the Certificate Authority Bundle for “Trusted Secure Certificate Authority 5”.​

    Then the user provided CA cert but installing with it I'm getting that error message:

    Verification Result [ stdin: C = US, ST = DE, L = Wilmington, O = Corporation Service Company, CN = Trusted Secure Certificate Authority 5 error 20 at 0 depth lookup:unable to get local issuer certificate ]​

    Any clue what is going on? I never had any issues so far with SSL cert issues by RapidSSL, GeoTrust, VeriSign or Commodo.

    Thanks
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Please post the output from the following command:

    Code:
    grep '' /etc/redhat-release /usr/local/cpanel/version /var/cpanel/envtype
    Also, please let us know if you are installing the certificate via cPanel or Web Host Manager, the URL where you are obtaining the CABundle from, and if you are entering the CABundle manually or allowing it to automatically populate in the interface.

    Thank you.
     
  3. InteractM

    InteractM Well-Known Member

    Joined:
    Apr 2, 2013
    Messages:
    133
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    /etc/redhat-release:CentOS release 6.7 (Final)
    /usr/local/cpanel/version:11.54.0.21
    /var/cpanel/envtype:standard

    SSL cert was uploaded via cPanel but cPanel user wasn't able to activate it so I have tried to install it (activate) via WHM but I have got the same errors.

    CA is not autopopulating after CRT selection (first error message) then when I will copy&paste TrustedSecureCertificateAuthority5.crt it throws second error message. All done again via WHM

    Based on cPanel user SSL cert was obtained from Comodo.

    Thanks
     
  4. Carl Spooner

    Carl Spooner Registered

    Joined:
    Apr 28, 2016
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    I have 3 servers with cPanel and received this new SSL too for each of them and with the update of WHM 56.0 and got the same errors.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could anyone experiencing this issue open a support ticket using the link in my signature so we can take a closer look? Please reference internal case CPANEL-1454, so we can verify if the issue is associated with that case. Also, post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  6. sylvainf

    sylvainf Registered

    Joined:
    Aug 14, 2016
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Paris
    cPanel Access Level:
    Root Administrator
    hello,
    i'm facing the same issue.

    the domain, IP and KEY all automatically filled in, but not the CA Bundle.

    i copy and paste the CA Bundle , then i have this issue

    system informations:

    /etc/redhat-release:CentOS release 6.8 (Final)
    /usr/local/cpanel/version:11.58.0.19
    /var/cpanel/envtype:virtuozzo

    here is error log

    Code:
    tail -fn0 /usr/local/cpanel/logs/error_log
    -----------------------------------------------------
    ==> cpsrvd 11.58.0.19 started
    ==> cpsrvd: loading security policy....Done
    ==> cpsrvd: Setting up SSL support ... Done
    ==> cpsrvd: transferred port bindings
    ==> cpsrvd: bound to ports
    [2016-08-14 09:07:02 +0200] warn [ssl] Certificate bundle verification failed!
    
    Verification Result [ stdin: DC = ng, DC = com, DC = AAA, CN = AAA-BBBBBB-CA
    error 20 at 0 depth lookup:unable to get local issuer certificate
    ]
    at bin/admin/Cpanel/ssl.pl line 177.
            bin::ssladmin::perform_add(__CPANEL_HIDDEN__, __CPANEL_HIDDEN__) called at /usr/local/cpanel/Cpanel/AdminBin/Script/Legacy.pm line 124
            Cpanel::AdminBin::Script::Legacy::script("Cpanel::AdminBin::Script::Legacy", HASH(0x11c2ee0), 506) called at /usr/local/cpanel/Cpanel/AdminBin/Script/Legacy.pm line 26
            eval {...} called at /usr/local/cpanel/Cpanel/AdminBin/Script/Legacy.pm line 26
            Cpanel::AdminBin::Script::Legacy::run_adminbin("bin::ssladmin", HASH(0x11c2ee0)) called at bin/admin/Cpanel/ssl.pl line 73
    [2016-08-14 09:07:02 +0200] warn [uapi] Cpanel::Wrap::send_cpwrapd_request The adminbin “ssl” in the “Cpanel” namespace call to function “ADD” ended prematurely: The subprocess reported error number 5 when it ended.: namespace=[Cpanel] module=[ssl] function=[ADD]: raw_response=[{"mode":"full","data":{"action":"install","status":0,"html":"Certificate bundle verification failed!\n\nVerification Result [ stdin: DC = ng, DC = com, DC = AAA, CN = AAA-BBBBBB-CA\nerror 20 at 0 depth lookup:unable to get local issuer certificate\n]\n","statusmsg":"Certificate bundle verification failed!\n\nVerification Result [ stdin: DC = ng, DC = com, DC = AAA, CN = AAA-BBBBBB-CA\nerror 20 at 0 depth lookup:unable to get local issuer certificate\n]\n","message":"Certificate bundle verification failed!\n\nVerification Result [ stdin: DC = ng, DC = com, DC = AAA, CN = AAA-BBBBBB-CA\nerror 20 at 0 depth lookup:unable to get local issuer certificate\n]\n"},"exit_code":1280,"action":"fetch","error":1,"version":"2.4","statusmsg":"The adminbin “ssl” in the “Cpanel” namespace call to function “ADD” ended prematurely: The subprocess reported error number 5 when it ended.","status":1,"timeout":0}] at /usr/local/cpanel/Cpanel/Wrap.pm line 115, <$socket> line 1.
            Cpanel::Wrap::send_cpwrapd_request("action", "fetch", "no_cperror", 1, "namespace", "Cpanel", "data", HASH(0x18c7590), "module", ...) called at /usr/local/cpanel/Cpanel/Wrap.pm line 55
            Cpanel::Wrap::send_cpwrapd_request_no_cperror("namespace", "Cpanel", "module", "ssl", "function", "ADD", "data", HASH(0x18c7590), "action", ...) called at /usr/local/cpanel/Cpanel/AdminBin.pm line 251
            Cpanel::AdminBin::_adminfetch("module", "ssl", "function", "ADD", "format", "storable", "cache_check_files", "", "cache", ...) called at /usr/local/cpanel/Cpanel/AdminBin.pm line 177
            Cpanel::AdminBin::fetch_adminbin_nocache_with_status("ssl", undef, "ADD", "storable", HASH(0x18c7590)) called at /usr/local/cpanel/Cpanel/API/SSL.pm line 1719
            Cpanel::API::SSL::_install("example.com", "www_example_com_aa97a_e2cf9_1533304026_1eff21b92361589b26ff1a0"..., "aa97a_e2cf9_9d3c4438b647dab7d21f0f42f0dcc106", "-----BEGIN CERTIFICATE-----\x{a}MIIFcTCCBFmgAwIBAgIKean8VwACABwmD"..., Cpanel::Result=HASH(0x41e4d80), 1) called at /usr/local/cpanel/Cpanel/API/SSL.pm line 1319
            Cpanel::API::SSL::install_ssl(Cpanel::Args=HASH(0x49d29d0), Cpanel::Result=HASH(0x41e4d80)) called at /usr/local/cpanel/Cpanel/API.pm line 285
            Cpanel::API::__ANON__() called at /usr/local/cpanel/Cpanel/API.pm line 357
            eval {...} called at /usr/local/cpanel/Cpanel/API.pm line 357
            Cpanel::API::_eval_guard(Cpanel::Result=HASH(0x41e4d80), CODE(0x49d2b98)) called at /usr/local/cpanel/Cpanel/API.pm line 285
            Cpanel::API::_run_module_function(Cpanel::Args=HASH(0x49d29d0), Cpanel::Result=HASH(0x41e4d80), "SSL", "install_ssl") called at /usr/local/cpanel/Cpanel/API.pm line 142
            Cpanel::API::execute("SSL", "install_ssl", HASH(0x421e0c8)) called at /usr/local/cpanel/Cpanel/API.pm line 548
            Cpanel::API::run_api_mode(HASH(0x421e0c8)) called at uapi.pl line 270
            main::script() called at uapi.pl line 83
    [2016-08-14 09:07:02 +0200] warn [uapi] Cpanel::Wrap::send_cpwrapd_request error: namespace=[Cpanel] module=[ssl] function=[ADD]: statusmsg=[The adminbin “ssl” in the “Cpanel” namespace call to function “ADD” ended prematurely: The subprocess reported error number 5 when it ended.] at /usr/local/cpanel/Cpanel/Wrap.pm line 124, <$socket> line 1.
            Cpanel::Wrap::send_cpwrapd_request("action", "fetch", "no_cperror", 1, "namespace", "Cpanel", "data", HASH(0x18c7590), "module", ...) called at /usr/local/cpanel/Cpanel/Wrap.pm line 55
            Cpanel::Wrap::send_cpwrapd_request_no_cperror("namespace", "Cpanel", "module", "ssl", "function", "ADD", "data", HASH(0x18c7590), "action", ...) called at /usr/local/cpanel/Cpanel/AdminBin.pm line 251
            Cpanel::AdminBin::_adminfetch("module", "ssl", "function", "ADD", "format", "storable", "cache_check_files", "", "cache", ...) called at /usr/local/cpanel/Cpanel/AdminBin.pm line 177
            Cpanel::AdminBin::fetch_adminbin_nocache_with_status("ssl", undef, "ADD", "storable", HASH(0x18c7590)) called at /usr/local/cpanel/Cpanel/API/SSL.pm line 1719
            Cpanel::API::SSL::_install("example.com", "www_example_com_aa97a_e2cf9_1533304026_1eff21b92361589b26ff1a0"..., "aa97a_e2cf9_9d3c4438b647dab7d21f0f42f0dcc106", "-----BEGIN CERTIFICATE-----\x{a}MIIFcTCCBFmgAwIBAgIKean8VwACABwmD"..., Cpanel::Result=HASH(0x41e4d80), 1) called at /usr/local/cpanel/Cpanel/API/SSL.pm line 1319
            Cpanel::API::SSL::install_ssl(Cpanel::Args=HASH(0x49d29d0), Cpanel::Result=HASH(0x41e4d80)) called at /usr/local/cpanel/Cpanel/API.pm line 285
            Cpanel::API::__ANON__() called at /usr/local/cpanel/Cpanel/API.pm line 357
            eval {...} called at /usr/local/cpanel/Cpanel/API.pm line 357
            Cpanel::API::_eval_guard(Cpanel::Result=HASH(0x41e4d80), CODE(0x49d2b98)) called at /usr/local/cpanel/Cpanel/API.pm line 285
            Cpanel::API::_run_module_function(Cpanel::Args=HASH(0x49d29d0), Cpanel::Result=HASH(0x41e4d80), "SSL", "install_ssl") called at /usr/local/cpanel/Cpanel/API.pm line 142
            Cpanel::API::execute("SSL", "install_ssl", HASH(0x421e0c8)) called at /usr/local/cpanel/Cpanel/API.pm line 548
            Cpanel::API::run_api_mode(HASH(0x421e0c8)) called at uapi.pl line 270
            main::script() called at uapi.pl line 83
    
    -----------------------------------------------------

    Could anyone help please?
    thanks very much
     
    #6 sylvainf, Aug 14, 2016
    Last edited by a moderator: Aug 14, 2016
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
Loading...

Share This Page