The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Self-Signed Certificate?

Discussion in 'General Discussion' started by alanpollenz, May 12, 2008.

  1. alanpollenz

    alanpollenz Active Member

    Joined:
    Nov 15, 2003
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Outside the event horizon
    When connecting to Webhost Manager at https://123.45.6.789:2087/ or when attempting to send email using mail.mydomain.com as the smtp server, I get the following alert:

    --------------------

    Security Error: Domain Name Mismatch

    You have attempted to establish a connection with 123.45.6.789. However, the security certificate presented belongs to myservername.mydomain.com. It is possible, although unlikely, that someone may be trying to intercept your communication with this website.

    If you suspect the certificate shown does not belong to 123.45.6.789, please cancel the connection and notify the site administrator.

    --------------------

    In the case of mail.mydomain.com, the IP address in the error message is replaced with mail.mydomain.com.

    Question: Do I need to generate self-signed certificates for 123.45.6.789 and mail.mydomain.com to avoid these annoying nags, and, if so, how is this done?

    Thanks.

    Alan Pollenz
     
  2. ChrisRHS

    ChrisRHS Well-Known Member

    Joined:
    Jul 12, 2006
    Messages:
    292
    Likes Received:
    5
    Trophy Points:
    18
    You would need to purchase a certificate for your issues to go away, as it has to be signed by a verified issuer. If you generate a self signed cert, you will still have the issue. I've used these guys before:

    https://www.servertastic.com
     
  3. alanpollenz

    alanpollenz Active Member

    Joined:
    Nov 15, 2003
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Outside the event horizon
    Will the mail server at mail.mydomain.com need to be on a dedicated IP address?

    Also, is it possible to generate a request for an IP address vice a FQDN?

    Thanks.

    Alan
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,456
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    If I understand you right:

    You might want to look at the redirection section of Tweak Settings in WHM to make sure you're setup as you want. Also you should probably connect to WHM via:

    https://yourDOTservernameDOT.com:2087

    And then accept the cert into your browser. That'll get rid of the "nag" for WHM.

    You should not use mailDOTservernameDOT.com for your mail account setup unless you've got an account setup to use it. (unclear here on what you're doing, how, where you're setting up this email account)

    Not sure if that's helpful or not...
     
  5. alanpollenz

    alanpollenz Active Member

    Joined:
    Nov 15, 2003
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Outside the event horizon
    Not sure what the redirection settings should be, but I think mine are probably set to default settings. They are:


    • Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc. -- BLANK
    • When visiting /cpanel or /whm or /webmail WITHOUT SSL, you can choose to redirect to: Origin Domain Name
    • When visiting /cpanel or /whm or /webmail with SSL, you can choose to redirect to: SSL Certificate Name
    • Redirect user to the following URL upon logout of the cPanel interface. A blank value specifies the default logout page. -- BLANK

    Also, I tried connecting to servername.mydomain.com:2087 and that worked better. Thanks.

    Regarding using mail.mydomain.com for outbound mail, I set this up years ago for one account in regard to some problem that my ISP (RoadRunner) had at the time. Can't even recall what the issue was, so maybe I'll switch back.

    Thanks again.

    Alan
     
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,456
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    They can be set to whatever floats yur boat, but you might want to try these settings:

    Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc. -- CHECKED
    When visiting /cpanel or /whm or /webmail WITHOUT SSL, you can choose to redirect to: Origin Domain Name
    When visiting /cpanel or /whm or /webmail with SSL, you can choose to redirect to: HOSTNAME
    Redirect user to the following URL upon logout of the cPanel interface. A blank value specifies the default logout page. -- http://yoursupportsite.com weblink

    Many ISPs these days make you use their outgoing mailserver details regardless of who's mail it is. Might be the problem.
     
Loading...

Share This Page