Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SSL access to webmail.domain does not work

Discussion in 'E-mail Discussion' started by Luana Premoli, Feb 15, 2019.

  1. Luana Premoli

    Luana Premoli Well-Known Member

    Joined:
    Oct 3, 2016
    Messages:
    54
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    São Paulo/Brazil
    cPanel Access Level:
    Root Administrator
    Hi,

    We have multiple servers with EA4 where clients can not log in to webmail.domain when using https: // in the URL, but access without https: // is normally done.

    Code:
    [root@br820 ~]# [[ -f /etc/cpanel/ea4/is_ea4 ]] && echo "This box uses EA4" || echo "This box uses EA3"
    This box uses EA4
    [root@br820 ~]#
    [root@br820 ~]# httpd -v
    Server version: Apache/2.4.38 (cPanel)
    Server built:   Jan 30 2019 02:20:05
    [root@br820 ~]#
    [root@br820 ~]#
    [root@br820 ~]# grep '' /usr/local/cpanel/version
    11.70.0.66
    [root@br820 ~]#
    [root@br820 ~]# exim --version
    Exim version 4.91 #1 built 11-May-2018 09:49:25
    Copyright (c) University of Cambridge, 1995 - 2018
    (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2018
    Berkeley DB: Berkeley DB 4.7.25: (September 12, 2013)
    


    Code:
    - Removed -
    

    Some domains show:

    - Removed -


    Apache Server at webmail.example.com Port 443





    Code:
     - Removed -
    


    Other domains are redirected to the site:


    - Removed -


    Thanks

    Moderator note, please review:
    Guide To Opening An Effective Forums Thread
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 Luana Premoli, Feb 15, 2019
    Last edited by a moderator: Feb 18, 2019
  2. Luana Premoli

    Luana Premoli Well-Known Member

    Joined:
    Oct 3, 2016
    Messages:
    54
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    São Paulo/Brazil
    cPanel Access Level:
    Root Administrator
    Hi,

    I was informed that webmail.domain will not work because support for nginx in EA4 has been removed.

    Is that correct?

    Thanks
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,335
    Likes Received:
    2,163
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Luana Premoli,

    Nginx is not something that's been supported in the past. Are you using it as part of a specific third-party plugin?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Luana Premoli

    Luana Premoli Well-Known Member

    Joined:
    Oct 3, 2016
    Messages:
    54
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    São Paulo/Brazil
    cPanel Access Level:
    Root Administrator
    I checked with the responsible staff, and it was installed from the outside.

    Could you explain the step by step default settings so that access to https: //webmail.domain works normally?


    Currently only http: //webmail.domain works.

    Thanks
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,335
    Likes Received:
    2,163
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Luana Premoli,

    Service Subdomains open with the "https" URL by default with Apache. You can read about how this works at:

    Service Subdomains Explanation - cPanel Knowledge Base - cPanel Documentation

    I recommend converting back to Apache if the issue with third-party Nginx plugin is not solvable.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Luana Premoli

    Luana Premoli Well-Known Member

    Joined:
    Oct 3, 2016
    Messages:
    54
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    São Paulo/Brazil
    cPanel Access Level:
    Root Administrator
    Hi,


    Nginx has already been removed ... and this is the reason we have the problem accessing the address https: //webmail.domain
    .
    We must have some misconfiguration and I'm not finding out what it is.

    Can you tell me which files I have to check, and a correct configuration template so I can compare?

    Thanks
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,335
    Likes Received:
    2,163
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Luana Premoli,

    Can you open a support ticket so we can take a closer look at your system to see why it's not working? You can post the ticket number here and we'll link this thread to it.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. Luana Premoli

    Luana Premoli Well-Known Member

    Joined:
    Oct 3, 2016
    Messages:
    54
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    São Paulo/Brazil
    cPanel Access Level:
    Root Administrator
    Hi,

    We have identified that in virtualHost of port 443 has the webmail and cpanel entries, but virtualHost of port 80 does not have.


    When we removed the entry from virtualHost at 443 access to the https://webmail.domain address was done correctly.

    The question is:

    1. Has the virtual host format changed from EA3 to EA4?
    2. How to fix for the whole server because it is server shared and has more than 500 sites.

    Thanks
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,335
    Likes Received:
    2,163
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Luana Premoli,

    The behavior you reported is not reproducible on a standard environment, so access to the system is needed to provide you with accurate advice. Are you able to open a support ticket so we can see the exact change you made and verify how the system is configured?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. Luana Premoli

    Luana Premoli Well-Known Member

    Joined:
    Oct 3, 2016
    Messages:
    54
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    São Paulo/Brazil
    cPanel Access Level:
    Root Administrator
    The actual issue it seems is that we are missing stuff from our ssl_vhost.local template. It doesn't have the following code block.

    Code:
    [%- IF proxysubdomains && vhost.proxy_subdomains && supported.mod_proxy && supported.mod_rewrite && vhost.proxy_subdomains.size %]
        <IfModule headers_module>
        RequestHeader set X-HTTPS 1
        </IfModule>    RewriteEngine On
        [%- FOR label__zones = vhost.proxy_subdomains %]
            [%- FOR basezone = label__zones.value %]
                RewriteCond %{HTTP_HOST} =[% label__zones.key %].[% basezone %] [OR]
                RewriteCond %{HTTP_HOST} =[% label__zones.key %].[% basezone %]:[% vhost.port %][% !loop.last && ' [OR]' %]
            [%- END %]
            RewriteCond %{HTTP:Upgrade} !websocket   [nocase]        [% proxy_subdomain_redirect_rule(label__zones.key) %]
        [%- END %]    [%- FOR label__zones = vhost.proxy_subdomains %]
            [%- ws_redirect = proxy_subdomain_websocket_redirect_rule_if_exists(label__zones.key) %]
            [%- IF ws_redirect %]
                RewriteCond %{HTTP:Upgrade} websocket   [nocase]
                [%- FOR basezone = label__zones.value %]
                    RewriteCond %{HTTP_HOST} =[% label__zones.key %].[% basezone %] [OR]
                    RewriteCond %{HTTP_HOST} =[% label__zones.key %].[% basezone %]:[% vhost.port %][% !loop.last && ' [OR]' %]
                [%- END %]            [% ws_redirect %]
            [%- END %]
        [%- END %]
    [%- END %] 

    Without those directives those requests do not get passed back to cPanel.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,335
    Likes Received:
    2,163
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    If you're no longer using Nginx and you no longer need custom modifications to the default Apache virtual host templates, then you can remove the ssl_vhost.local file and rebuild the Apache configuration file with the following command:

    Code:
    /scripts/rebuildhttpdconf
    This will ensure the default Apache virtual host configuration templates are utilized.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice