The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL error when accessing /webmail with a valid certificate

Discussion in 'Security' started by Erjen, Aug 4, 2014.

  1. Erjen

    Erjen Member

    Joined:
    Jul 14, 2014
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    I installed a valid and working certificate on the cPanel server on (cPanel/WHM/Webmail Service) and when I access domain:2083, domain:2087, domain:2096, it works all fine and as expected. But when I access domain/webmail, it gives an certificate error.. very strange. I don't change the domainname.

    Any ideas?

    Thanks!
     
  2. kdean

    kdean Well-Known Member

    Joined:
    Oct 19, 2012
    Messages:
    262
    Likes Received:
    12
    Trophy Points:
    18
    Location:
    Orlando, FL
    cPanel Access Level:
    Root Administrator
    Make sure your accessing domain/webmail as http and not https since it will try to use SSL for the domain first which may not have a valid cert... unless domain is your hostname and you have the cert installed regularly for it as well.

    Also, go to WHM » Server Configuration » Tweak Settings

    Under the Redirection settings, either ser Always redirect to SSL to On, or if set to Off, make sure that SSL redirect destination is set to Hostname.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Please let us know the specific URL you are using, including whether you are utilizing https or http. As mentioned in the previous post, you likely need to update the redirection settings in "Tweak Settings".

    Thank you.
     
  4. Erjen

    Erjen Member

    Joined:
    Jul 14, 2014
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    The redirection was already set to always on.
    But I am looking into it now for a few hours and I think the problem is something else. Because every site I check with a SSL checker, it complains about the SSL chain. Like this error:
    But I definetely installed the intermediate certificate. I go to SSL manager > Manage SSL sites > select the domain > Autofill by Domain. Then the Certificate Authority Bundle: (CABUNDLE) is empty so I copy the intermediate certificate there. It says that it is installed correctly but when I load that page again, the CA cert is gone.. is that normal? Maybe there is a problem?

    Thanks for the responses by the way!
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  6. Erjen

    Erjen Member

    Joined:
    Jul 14, 2014
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Right, when you initially use a secure URL, it's not going to redirect requests to the hostname or SSL certificate name. You will see a SSL certificate warning if it's not the certificate installed for the service. Note that you may be interested in the following feature request:

    SSL certificate per domain on all services | cPanel Feature Requests

    Thank you.
     
  8. Erjen

    Erjen Member

    Joined:
    Jul 14, 2014
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thank you for your reply Michael.
    And I understand what you say, but I think that's not the problem.
    The certificate is installed for this service: "cPanel/WHM/Webmail Service".
    It doesn't redirect to another hostname, that stays the same. It only redirects from "/webmail" to ":2096" but for both additions, the certificate is valid.

    Like I said before, I think there is a problem with the certificate chain. I also discovered that the warning only exists in Firefox and on mobile phones, not in Chrome or IE. Also, all the SSL checks shows that there is a problem with the chain.

    Somehow, cPanel doesn't save the CABUNDLE certificate and apparently doesn't get it from the public repository.

    Any ideas?
    Thanks again.
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Feel free to open a support ticket using the link in my signature if you want us to take a closer look. You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
Loading...

Share This Page