The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL Info Being Removed After Nightly CPanel Update!!!

Discussion in 'General Discussion' started by nitromax, Feb 17, 2002.

  1. nitromax

    nitromax Well-Known Member

    Joined:
    Feb 12, 2002
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    16
    Hello,

    I have a serverwide SSL certificate setup on my server, and it seems to be working just fine. However, every night, after CPanel updates my server, all of the info in the /usr/local/apache/conf/httpd.conf file which defines the serverwide SSL certificate is automatically removed! Of course SSL no longer functions. I then have to copy and paste it back in and restart apache.

    First of all, does anyone know why it keeps removing this info from the httpd.conf file? It seems to leave other custom entries in that file, but not the SSL info I have specified.

    And second, when that SSL code is in the httpd.conf file and you try to restart apche from the WHM, the WHM gives the following error message:

    &httpd has failed, please contact the sysadmin.&

    ... the thing is, it really does restart apache and there are no apparent problems. I'm sure it saying it for a reason, I'm just not sure what that is. Does Any one know what's happening here? Of course when CPanel removes the code every night you can restart apache from the WHM and that error message doesn't display, becuase it plucked the offensive code out of the file.

    Here is the code that it is automatically removed. Do I have something messed up here? Is there a different way to do it?

    ## Serverwide SSL Start ##

    &IfDefine SSL&

    &Directory /home/*&
    Options FollowSymLinks ExecCGI Indexes
    AllowOverride All
    &/Directory&

    &VirtualHost _default_:443&
    ServerAdmin support@yourhostserver.com
    ServerName www.secureserver4.com
    ServerAlias 157.238.132.6
    DocumentRoot /usr/local/apache/htdocs
    TransferLog /usr/local/apache/logs/ssl_log
    ErrorLog /usr/local/apache/error.log

    UserDir public_html
    Options Indexes FollowSymLinks ExecCGI Includes

    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
    SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key

    # Client Authentication (Type):
    SSLVerifyClient 0
    SSLVerifyDepth 10

    #SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
    &Files ~ &\.(cgi|shtml|phtml|php3?)$&&
    SSLOptions +StdEnvVars
    &/Files&
    &Directory &/usr/local/apache/cgi-bin&&
    SSLOptions +StdEnvVars
    &/Directory&

    SetEnvIf User-Agent &.*MSIE.*& \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0

    CustomLog /usr/local/apache/logs/ssl_request_log \
    &%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \&%r\& %b&

    &/VirtualHost&
    &/IfDefine&

    ## End Serverwide SSL ##


    Any help would be appreciated! :)


    --
    Chad Roadhouse
     
  2. nitromax

    nitromax Well-Known Member

    Joined:
    Feb 12, 2002
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    16
    Still Need Help!!! Please!!!

    Actually we removed the &IfDefine& open and close tag. And we've experamented with taking various things out. Still being removed on nightly updates.

    As an added issue that we need help with right away... We have several customers that have their own SSL certificate. We tried adding one of them in to the system thru the CPanel function that does that, and once it added the code into the httpd.conf file Apache wouldn't restart. I had to go in a comment out the SSL code it put in there. Why is apache not restarting???

    Can anyone show me an httpd.conf file that has the approriate code in it to run and listen to port 80 and 443 that is not getting removed from the httpd.conf file every time CPanel updates? Is there a way to setup SSL in it's own httpd.conf file like Alabanza had it, so that it works with CPanel?
     
  3. PPNSteve

    PPNSteve Well-Known Member

    Joined:
    Mar 13, 2003
    Messages:
    393
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Somewhere in Ilex Forest
    cPanel Access Level:
    Root Administrator
    Twitter:
    if you are using the new apache builds in cPanel, just put your ssl code in an include file using the includes editor..
     
Loading...

Share This Page