I want to create a self-signed certificate for a retail site I'm working on. I plan on using a real one later, but I want to use a self-signed one for now because I will be moving it to another domain before the site goes live. When I installed the certificate through WHM, is supposedly installed correctly, but when I accessed the site through https://, it would time out. What's worse is when I try to uninstall the certificates through cPanel, it says, "The Certificate for retail.agstesting.com cannot be fully deleted, because it is installed in the system ssl directory!". I haven't found a way to delete them through WHM either. Where should I go from here?
You mean you can't afford $19.99 for a 1-year SSL certificate from GoDaddy?
Sounds like you've probably spent that much in lost time already (easy to do with SSL!), you might be best to just go buy one! Also - your test configuration is then going to be closer to your production configuration. And for all useful purposes, a $19.99 certificate works exactly the same as a $140 certificate.
Sounds like you've probably spent that much in lost time already (easy to do with SSL!), you might be best to just go buy one! Also - your test configuration is then going to be closer to your production configuration. And for all useful purposes, a $19.99 certificate works exactly the same as a $140 certificate.
I am aware that the yearly certificates aren't that much, however, if I can't set up a self-signed certificate, I'm thinking I will have the same problem with a paid one.
Notice how https://www.retail.agstesting.com/ times out. I setup a certificate as retail.agstesting.com and www.retail.agstesting.com. None of them work. Is there a way to delete the certificates and keys from the server when I get the error mentioned in the OP? I do have root access.
Notice how https://www.retail.agstesting.com/ times out. I setup a certificate as retail.agstesting.com and www.retail.agstesting.com. None of them work. Is there a way to delete the certificates and keys from the server when I get the error mentioned in the OP? I do have root access.
Have you assigned the site a dedicated IP? If not, that's your problem. When an SSL request comes in Apache works out what site it's for by the IP it came in on. This is, I suspect, largely because the request itself is encrypted so it can't determine from that where it should go.
Other than that, I'd just go through carefully and check things like the IP address you used when setting the cert up, and then try reinstalling it. You can delete SSL certs from one of the menu entries in WHM under SSL.
Also, make sure you do install everything in the SSL fields as mentioned in the documentation you get when you buy the certificate (which *is* one reason you should consider getting a real cert rather than a self-signed cert!). You're not Scottish are you?? :P
Other than that, I'd just go through carefully and check things like the IP address you used when setting the cert up, and then try reinstalling it. You can delete SSL certs from one of the menu entries in WHM under SSL.
Also, make sure you do install everything in the SSL fields as mentioned in the documentation you get when you buy the certificate (which *is* one reason you should consider getting a real cert rather than a self-signed cert!). You're not Scottish are you?? :P
Ok, I went through the process of spending the $19.99 for the certificate, and I ran into the same problem as I did with the self-signed certificate.
For information purposes only the site I'm having trouble with is https://www.andysgeneralstore.com/. I'm guessing that somethings wrong with my server SSL configuration. I do have root access.
Please have a look at it and offer some advice.
For information purposes only the site I'm having trouble with is https://www.andysgeneralstore.com/. I'm guessing that somethings wrong with my server SSL configuration. I do have root access.
Please have a look at it and offer some advice.
OK ... it seems like Apache isn't even listening for SSL (https - port 443) on that IP. It might be as simple as missing one of the directives for the site. I'd go through /etc/httpd/conf/httpd.conf and compare the directives for that site and a site that isn't working. Also, try deleting the SSL part and reinstalling it. You could also try changing the site IP. If the site IP you gave when you installed the certificate doesn't match the IP for andysgeneralstore.com that would give these symptoms.
Do you have SSL working on the same server for any other domain? Compare the configs.
I think you may be missing a NameVirtualHost directive at a guess - search for port 443. The SSL versions of the sites have their own config block in httpd.conf.
I think you may be missing a NameVirtualHost directive at a guess - search for port 443. The SSL versions of the sites have their own config block in httpd.conf.
I'm just guessing at this stage, but do you have a section in your httpd.conf looking like:
<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>
Also, have you tried restarting Apache? (service httpd restart) and rebooting? I'm sure you have, but if not, it would be a good place to start. Also check your apache config in WHM to ensure you have ssl switched on, that could be a problem!
<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>
Also, have you tried restarting Apache? (service httpd restart) and rebooting? I'm sure you have, but if not, it would be a good place to start. Also check your apache config in WHM to ensure you have ssl switched on, that could be a problem!
Under "Software" -> "Apache Update" there's an entry:
SSL Module (Version 2.8.27)
Obviously that should have a tick beside it. A long shot, but at this stage it's all worth checking. Did you check the other things I mentioned in the last post, ie the Listen 443?
SSL Module (Version 2.8.27)
Obviously that should have a tick beside it. A long shot, but at this stage it's all worth checking. Did you check the other things I mentioned in the last post, ie the Listen 443?
Also, is there anything funny in the apache logs when apache starts up? Check carefully because this will probably provide you with an instant answer. Also go to the logs first when something doesn't work.
I can't remember what causes that, but it's benign, I've had it before and it didn't stop SSL working. Did you check out all the other things we've discussed?
and in case u r running APF make sure you have port 443 open ! 
pico /etc/apf/conf.apf
scroll down and add 443 to
Common ingress (inbound) TCP ports
and
Common egress (outbound) TCP ports
and after the edit dont forget to restart APF with
apf -r
pico /etc/apf/conf.apf
scroll down and add 443 to
Common ingress (inbound) TCP ports
and
Common egress (outbound) TCP ports
and after the edit dont forget to restart APF with
apf -r
Last edited:
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| L | Sectigo issues with pending SSL's? | Security | 5 | |
| N | Endless issues with AutoSSL | Security | 6 | |
| S | Sectigo issues partial SSL certificate (only some of the hosts for the subdomain) | Security | 3 | |
| K | Please Help with these ssl issues | Security | 3 | |
|
SOLVED AutoSSL Issues | Security | 10 |