The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

question about "self-signed certificate"

Discussion in 'General Discussion' started by ljwhite, Sep 17, 2006.

  1. ljwhite

    ljwhite Well-Known Member

    Joined:
    Jun 20, 2005
    Messages:
    363
    Likes Received:
    0
    Trophy Points:
    16
    I want to assign self-signed certificate for our hosted domain using whm. How could i do this? Many thanks in advance!
     
  2. shashank

    shashank Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    159
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Generate a CSR for the domain in whm. It should give you a key, csr and a crt. Then from the ssl install form use the key and crt you got from the csr generation and assign it to your domain. make sure the domain had a dedicated Ip and once the crt and key are installed it should have a self-signed cert.
     
  3. ljwhite

    ljwhite Well-Known Member

    Joined:
    Jun 20, 2005
    Messages:
    363
    Likes Received:
    0
    Trophy Points:
    16
    Thanks for your help. I have installed self-signed ssl. Now i have two questions:
    1. When i open the site with self-signed ssl, i will get a "security alert" which is said:"The secrity certificate was issued by a company you have not chosen to trust. View the certificate to determine whether you want to trust the certifying authority.
    Why do i get this "security alert"? Is there a way to avoid it?
    2. how to delete self-signed ssl?
     
  4. elliotcooper

    elliotcooper Well-Known Member
    PartnerNOC

    Joined:
    May 18, 2005
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    The reason that you get the security alert is that secure certificates are setup to do two things:

    1. Encrypt the traffic between browser and server
    2. Authenticate the identity of the site you are looking at.

    2. is achieved by the certificate listing who signed or verified the information listed in the certificate. In order to work without getting the error the certificate muxt be signed by a Signing Authority that the browser is configured to recognise. When the signing authority signs the certificate they are verifying the identity of the certificate holder.

    There are a small number of these inluding Verisign and Comodo. These companies will not sign a certificate unless documentation is submitted verifying the identity of the certificate holder. For this reason you can trust a site with a secure certificate because you know that the signing authority has performed checks to ensure the certificate holder is who they say they are.

    When you self sign the certificate no independant authority checks you are who you say you are which is the reason that the browser warns when it encounters a self signed cert.

    To delete the certificate you should use the function in WHM. Also you will need to log into your server on the command line and delete the files you created in these directories:

    /usr/share/ssl/certs/
    /usr/share/ssl/private/

    The files you need to delete will contain the domain name that you used for the cert.
     
  5. ljwhite

    ljwhite Well-Known Member

    Joined:
    Jun 20, 2005
    Messages:
    363
    Likes Received:
    0
    Trophy Points:
    16
    I got it! Thanks for your detailed information.
     
Loading...

Share This Page