Purchase and install secure cert feature...Grrr!

[koukou]

I installed a secure cert that we purchased from the vendor right inside the WHM interface. I did the whole thing inside WHM.

After the purchase I fetched the two crt and key files in WHM and then pasted in the ca bundle file that Altaire/Comodo sent to me in the very bottom form window. (Where it says to put the ca file)...

Also checked the box telling it this is an edit not a new setup.

When I submit the form it returns this error:

Attempting to verify your certificate.....
Cerificate appears to be intact
/snipped personal info/
error 18 at 0 depth lookup:self signed certificate
OK


Now ssl works for the domain but the thing is acting like it's self signed. It still throws this browser error:
"The security certificate was issued by a company you have chosen not to trust. View the certificate to determine whether you want to trust the certifying authority."

I have already read over ten pages of forum posts and also went through a useless trouble ticket exchange with the cert vendor but still can't figure this out.

Should I start over and paste all the files into the interface? It looks like there are now several useless and .old keys there.

Many thanks in advance for any idea. (Is it just me, or should the cert vendor support their product? For $150 they should install the damn thing for you.)

 

[Choppy]

koukou,

Did you make sure that the domain you put the cert on has its OWN ip address?

If so try it again and instead of ticking the box that its an update to the SSL let it create a new one.

If the cert is working on the site but the ca has not been found it means the ca file or location is not being indexed correctly in the httpd.conf file.

Contact me if you need help doing it as i dont have access to our servers right now in order to give you the exact location where the problem with the ca root not beeing found.

It would be in the SSL area of the httpd.conf file where the domain is listed.

Regards
Phillip

 

[koukou]

Thank you Phillip.

Yes, it's already on a dedicated IP and has completed propagation.

It's possible that the ca file is improperly indexed. Good idea. I'll check the .conf file as you suggest and see. (You know, come to think of it, when I go in a fetch the cert info using WHM, the CA file never shows up. Bet that's the ticket.

If I get hopeless and my trouble ticket with the cPanl folks is not honored, I'll holler at you with log in details and gratitude.

Again thanks!
Dwayne

 

[emalbum]

I had this problem too using WHM 9.4.0 cPanel 9.4.1-R55 to install a SSL Cert from InstantSSL. Here is what I did to fix the problem:

1) Log into WHM as root
2) Install an SSL Certificate and Setup the Domain
3) Paste in the key, cert, and cabundle
4) Do It
5) SSH into server as root
6) Went to /usr/share/ssl/certs
7) Opened secure.mydomain.com.cabundle and secure.mydomain.com.crt and realized that there were a bunch of ^M's at the end of each line
8) Used dos2unix on both files
9) Opened secure.mydomain.com.cabundle and overwrote the contents with the info from the cabundle in #3...
10) Went to /usr/share/ssl/private and did dos2unix on secure.mydomain.com.key
11) Went to /etc/httpd/conf, backed httpd.conf up and edited it
12) Found SSLCertificateFile for secure.mydomain.com in the file and added below it:
SSLCACertificateFile /usr/share/ssl/certs/secure.mydomain.com.cabundle
13) Restarted Apache and now it works!

I hope this helps. I tried 100 different things so hopefully this will work for others

 

[The MAzTER]

thanks :D

that fixed it for me as well

 

[batchtech]

thank you thank you thank you

was looking for this forever, this did it for me as well, thanks a ton