The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Server cannot verify manually created SSL Certificates!!

Discussion in 'General Discussion' started by DReade83, Jun 30, 2007.

  1. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
    Generated a new SSL cert, tried to install and:

    Any idea what this means?
     
  2. ddovidenko

    ddovidenko Registered

    Joined:
    Dec 13, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    The problem is actually that their perl script check, take a look at /scripts/cPScript/SSLInfo.pm

    if ( $cab =~ /BEGIN CERTIFICATE/ ) {
    open( SSL, ">", "$sslroot/certs/cert_test.cabundle.${random}" );
    chmod( 0600, "$sslroot/certs/cert_test.cabundle.${random}" );
    print SSL $cab;
    close(SSL);
    my $cab_verify = $openssl->verifyfile( "$sslroot/certs/cert_test.cabundle.${random}" );
    my $clean_cab_verify = _strip_ssl_warnings($cab_verify);
    if ( $clean_cab_verify !~ /^ok/i && $clean_cab_verify !~ /^\//i ) {
    return ( 0,
    "Certificate bundle verification failed!\n"
    . "<br>Verifcation Result [$clean_cab_verify]\n" );
    }
    }

    my $crt_verify =
    $openssl->verify( $crt, "$sslroot/certs/cert_test.cabundle.${random}" );
    my $verify = _strip_ssl_warnings($crt_verify);
    unlink("$sslroot/certs/cert_test.cabundle.${random}");

    if ( $verify =~ /^ok/i || $verify =~ /^\//i ) {
    return ( 1,
    "Cerificate verification passed!\n"
    . "<br>Verifcation Result [$verify]\n" );
    }
    else {
    return ( 0,
    "Certificate verification failed!\n"
    . "<br>Verifcation Result [$verify]\n" );
    }

    You need to use /scripts/installssl to install ssl certs until there is a fix from cPanel.
     
    #2 ddovidenko, Jul 1, 2007
    Last edited: Jul 1, 2007
  3. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider


    It doesn't appear to handle unchained ssl certs correctly in that build.
    14823 appears to solve the problem.
     
Loading...

Share This Page