The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL Certificate installs, but not with CA Bundle

Discussion in 'Security' started by redwunz, Nov 24, 2011.

  1. redwunz

    redwunz Registered

    Joined:
    Nov 24, 2011
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    (I apologize if there is already an answer to this out there. I searched for a couple hours, but since there is no error to search for, I had a hard time finding relevant results.)

    I'm installing an SLL certificate, from Comodo, and it works fine if I only input the CRT and KEY. I have verified this by going to the site in Chrome, IE9 and Firefox 8. I also tested it with SSL Certificate Tester - Check Certificates. No error appears, and the site seems to be secure.

    However, Comodo DOES say that the CA Bundle needs to be installed. Whenever I input the CA bundle and hit submit, cPanel gives no response, only a blank screen, and does not install the certificate.

    I've talked to Comodo tech support and they just referred me to their knowledge base on how to install SSL certificates, which I've followed.

    I've tried deleting the SSL Host and re-installing the certificate.

    I've tried restarting the Apache service.

    I've tried this in both cPanel and WHM, to the same result.

    Therefore my question is twofold:
    1. How important is it to install the CA Bundle, am I OK without it if I'm not getting errors and everything seems to be working fine? What are the implications of not installing the CA Bundle?
    2. If I DO need the CA Bundle, is this a cPanel problem or Comodo problem? I suspect cPanel since I'm not getting any kind of error or feedback after hitting submit.
    Any help is much appreciated!
     
  2. minosjl

    minosjl Well-Known Member

    Joined:
    Jun 4, 2011
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    cPanel Access Level:
    Root Administrator
    hi,

    As per comodo doc , we need to install CA certificate .Could you please check is there any old cert is located in the dir /usr/share/ssl/certs/ ,this one is the location where the certificates located.Some times that will cause issues.
     
  3. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Of note, the other location is /etc/ssl/certs for SSLs, since that other location was not noted.

    Normally, the cabundle should auto populate for most certificate providers without needing to actually add the cabundle into the bottommost field.

    Are you certain you are posting in the correct certificate? Normally, what you would do is paste the certificate provided by the vendor into the topmost box, then tab to the next field. The key file and cabundle should automatically populate along with the domain, username and IP fields.

    Finally, if you do have root SSH access (hard to know as your access level is listed as reseller rather than root), then check /usr/local/cpanel/logs/error_log when you try to do the cabundle installation otherwise to see if there are any errors reported there. You can run this command while trying to do the installation:

    Code:
    tail -fn0 /usr/local/cpanel/logs/error_log
     
  4. redwunz

    redwunz Registered

    Joined:
    Nov 24, 2011
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    Thank you very much for the quick response!

    I do not have Root SSH access, just WHM as a Reseller. Is there a way I can check those directories from there?

    Also, I tried doing as you suggested, just pasting in the CRT file. When I did that, the domain, IP and KEY all automatically filled in, but not the CA Bundle.

    Again, I appreciate your help.
     
  5. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    You won't be able to check the directories without root access to the machine. Can you provide this information to your server provider to ask the root administrator there to check this out for you to see what is happening? At this point, you don't have much choice but to ask them for assistance with installing the SSL.
     
  6. redwunz

    redwunz Registered

    Joined:
    Nov 24, 2011
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    WOW! You're fast. Ok, I will talk to the admin. Thanks so much.
     
Loading...

Share This Page