The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Self-Signed certificate: CPanel BUG? [moved]

Discussion in 'General Discussion' started by godlypower, Sep 10, 2006.

  1. godlypower

    godlypower Registered

    Joined:
    Sep 10, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Hello everyone!

    As I needed to set up a secure area (for a subdomain) of my site, I realised that, despite the fact that SSL Certificate option was working for creating Private & Public keys, there was no way to set up the security acces to that subdomain. It was just saying that the certificate was instaled for subdomain, but there was no acces on https://mysubdomain.domain.ext.
    Because I am a resseller, I do not have root acces, so I asked my hosting provider how I could set up some secure connection between the visitor and the server, and the answer was that I needed to get some Certificate Authority (CA) sign the certificate, so that they (my hosting providers) would install it for a fee (30 Euro) on a dedicated IP (22 Euro/year).:rolleyes:
    I tried to tell him (there was a contact person I was talking with) that CPanel offers the facility to create and install Self-Signed certificates, so that I would make that subdomain secure without paying to any CA for it.
    After an "short" E-Mail fight of half a day (he even gave me some discounts for instalation tax:p), his last point was that installing a self-signed certificate would affect the server. Why? He told me that CPanel and WHM have some bugs that make (sometimes) the httpd service fail on restart, if there are any self-signed certificates on the server, so that the SSL has to be reconfigured. More, he told me that Certificates issued by CA never gave such errors and that I should search with Google for similar cases.
    And I did and I found nothing! And I searched all this Forum and I found nothing (perheps it may be, but it is quite hidden...or maybe is not). SO...
    IS IT TRUE THAT THERE IS ANY BUG with SSL Self-Signed certificates in CPanel?
    And one more hint... The option "Web SSL / TLS" can't be found in my WHM... And I am quite sure that it had been hidden somehow.
    So pleaaase, help me with this. I need to be sure that my host provider is cheeting on me with this, and I need you to prove that to myself and to my host (I would be gratefull if any Admin is answering me).

    Best regards and thx a lot,
    Godlypower :D
     
    #1 godlypower, Sep 10, 2006
    Last edited: Sep 11, 2006
  2. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    Find another host. Your provider just has to tick one box in your acl to provide you the option to generate your own certificate for you and your clients. Of course you would need to assign it to a dedicated IP. But if they want to charge you for installing a certificate that you would purchase from a 3rd party, then do find another host. I would generate and install that for clients for free as long as they have the dedicated IP to do so.
     
  3. godlypower

    godlypower Registered

    Joined:
    Sep 10, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Hmmmm...

    Thx 4 ur' advice, but...I am still uncertan about it.:(
    It might be true that there is a bug with SSL Self-Signed certificates?... I talked today again with them (they called me) and they confirmed that there are big problems regarding self-signed certificates on the server because of CPanel/WHM and they don't want such problems...
    Maybe this information would help:

    In WHM is written:
    WHM 10.8.0 cPanel 10.8.1-R113
    CentOS 3.8 i686 - WHM X v3.1.0

    In CPannel is written:
    Operating system Linux
    Kernel version 2.4.21-40.ELsmp
    Machine Type i686
    Apache version 1.3.37 (Unix)
    PERL version 5.8.6
    PHP version 4.3.11
    MySQL version 4.0.27-standard
    cPanel Build 10.8.1-RELEASE 113
    Theme cPanel X v2.5.0

    And more sensitive information:
    OpenSSL ver 0.9.7a Feb 19 2003

    Any other relevent information needed? I just want to know if there are some compatibility problems between the installed versions or if there are some known bugs regarding this versions of CPanel/WHM/Apache/OpenSSL...
     
  4. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    Maybe if they updated atleast once a year, LOL, they may not have such issues.
     
  5. rikgarner

    rikgarner Well-Known Member

    Joined:
    Mar 31, 2006
    Messages:
    75
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    /dev/null
    I didnt think anyone was still running software that old! The only thing there which is approaching current is perl.

    This is what it would look like from an updated server:

    Kernel version 2.6.9-42.0.2.ELsmp
    Machine Type i686
    Apache version 1.3.36 (Unix)
    PERL version 5.8.7
    Path to PERL /usr/bin/perl
    Path to sendmail /usr/sbin/sendmail
    Installed Perl Modules Click to View
    PHP version
    MySQL version 5.0.24-standard
    cPanel Build 10.9.0-CURRENT 4
    Theme cPanel X v2.5.0
    Documentation Click to View
    cPanel Pro 1.0 (RC36)

    It is quite possible that there are problems with OpenSSL on the old 2.4 kernel, but as few people have been using it in a production environment recently, they will not come up paticuarly highly in web search results.

    Jump ship and get a different host - we have never had any problems with self-signed certs on our servers - I would guess they are just after another way to screw money out of you, as I let my customers have these for free (again, provided they have the IP).

    Rich
     
Loading...

Share This Page