The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL on WHM/Cpanel stoped working

Discussion in 'General Discussion' started by kamau, Jun 25, 2003.

  1. kamau

    kamau Member

    Joined:
    Jan 20, 2003
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    I no longer cannot access WHM via https://domain-host:2087

    And can only use http://domain-host:2086

    Last thing we did was to do a symbolic link of two folders into /home/ folder, ie. /usr/local now has symlink pointed to /home/usr/local/ & second one /usr/share symlink pointing to /home/usr/share

    We were trying to get some space for /usr partition, be'se it was 82% used and these two folders looked logical to do symlinks into /home folder like we do with our Cobalt servers.

    Could this be the problem?? any ideas??

    cPanel.net Support Ticket Number:
     
  2. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    It happened to us to, but only on one server.

    Cpanel didn't even update which might of explained it.

    I rebooted apache and did the dns fix script to make it work again.

    No changes to the server either just out of no where ssl failed.

    Strange stuff.

    cPanel.net Support Ticket Number:
     
  3. purplepaws

    purplepaws Well-Known Member

    Joined:
    Jan 15, 2002
    Messages:
    153
    Likes Received:
    0
    Trophy Points:
    16
    Same here. Restart of Apache cleared the problem on one server, other servers were not affected.

    I got a bit hot under the collar as we were doing some work on the server last night, and I thought we had broken something!

    :)

    cPanel.net Support Ticket Number:
     
  4. cass

    cass Well-Known Member

    Joined:
    Jul 17, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Argentina/USA/Mexico
    If you get any problem with 2087/2083/2096 SSL...
    you can just try to :
    1) Delete /usr/local/cpanel/etc/*.pem
    2) Goto WHM and do a "Reset WHM/Cpanel cert" this will create the cert again
    3) do a : /etc/rc.d/init.d/cpanel restart

    it should work.
    I have same problem a while ago ...
    also the reset cert was not overwriting the old cert, so I needed to manually delete it ...

    Regards.

    cPanel.net Support Ticket Number:
     
  5. purplepaws

    purplepaws Well-Known Member

    Joined:
    Jan 15, 2002
    Messages:
    153
    Likes Received:
    0
    Trophy Points:
    16
    This didnt just happen on the WHM SSL to us, it happened on several domains SSL too.

    cPanel.net Support Ticket Number:
     
  6. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    What timing, lucky apache (restart) fixed it I was about pull out the works to fix it too.

    if this is the worst that we get for a while I will be a happy admin.

    -Charles

    cPanel.net Support Ticket Number:
     
  7. kamau

    kamau Member

    Joined:
    Jan 20, 2003
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    If you get any problem with 2087/2083/2096 SSL...
    you can just try to :
    1) Delete /usr/local/cpanel/etc/*.pem
    2) Goto WHM and do a "Reset WHM/Cpanel cert" this will create the cert again
    3) do a : /etc/rc.d/init.d/cpanel restart

    Thanks!! & I've TRIED the above, but still problem is not gone. still cannot load WHM/Cpanel via SSL on any of the above three ports

    I deleted *.pem in above folder & when I go to WHM and type the machine host domain-host.com and click on fecth it, it brings up the certificates on screen and now when I click "Do it" it generated one *.pem file, ie. mycpanel.pem and does not generate cpanel.pem

    Also if I try to install SSL for WHM by going to "Install an SSL certificate .... for a domain.." at WHM I have a problem where by if I type in the host-name for the machine, then IP# what user should I type in, be'se when I type user as; root and click "do it" I get user does not exist.

    So when you say in (2) above go to WHM and reset WHM/Cpanel cert, which part of the WHM menu option does one use?? is it the "change cpanel/WHM cert..." or Install an SSL certificate and setup domain..."

    Lastly, my assumption is you also have your /usr/local and /usr/share both folders moved and symlinked to /home/usr/local & /home/usr/share respectively, right??

    thanks again & looking forward for more hints to resolve this troubles...

    cPanel.net Support Ticket Number:
     
  8. cass

    cass Well-Known Member

    Joined:
    Jul 17, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Argentina/USA/Mexico
    Did you do :
    /etc/rc.d/init.d/cpanel3 restart ?

    Check that you see an "OK" right to the "SSL Services"... ie:
    Starting Cpanel7 services: [ OK ]
    Starting WebMail services: [ OK ]
    Starting pop3 services: [ OK ]
    Starting Cpanel7 Chat services: [ OK ]
    Starting Melange Chat services:
    Starting Cpanel7 ssl services: [ OK ]
    Starting Web Host Manager services: [ OK ]


    .... oh also...
    do you have the ports open right?
    if you have a firewall, check the port is listening and not blocked.
    try :
    lsof | grep 2087

    you should see something like :
    stunnel-4 1129 root 7u IPv4 76786663 TCP *:2087 (LISTEN)
    stunnel-4 28893 root 7u IPv4 76786663 TCP *:2087 (LISTEN)

    Regards.
     
    #8 cass, Jun 26, 2003
    Last edited: Jun 26, 2003
  9. kamau

    kamau Member

    Joined:
    Jan 20, 2003
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Thanks Cass!

    I did

    /etc/rc.d/init.d/cpanel3 restart ?

    And got ok....

    Check that you see an "OK" right to the "SSL Services"... ie:
    Starting Cpanel7 services: [ OK ]
    Starting WebMail services: [ OK ]
    Starting pop3 services: [ OK ]
    Starting Cpanel7 Chat services: [ OK ]
    Starting Melange Chat services:
    Starting Cpanel7 ssl services: [ OK ]
    Starting Web Host Manager services: [ OK ]

    BUT when I do

    lsof | grep 2087

    I get a blank and no error ie. after I presss return, but if I do the same for port 2086 or 2082 I get the LISTEN reply line similar to what you have.

    What do you think/advice??

    cPanel.net Support Ticket Number:
     
  10. kamau

    kamau Member

    Joined:
    Jan 20, 2003
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    RESOLVED ok

    Just to let everyone finally we resolved this issue by re-starting stunnel mannually or from command line, ie. /usr/local/cpanel/startstunnel

    & all https:// ports worked again, thanks for all your tips/ideas...

    cPanel.net Support Ticket Number:
     
  11. elor

    elor Active Member

    Joined:
    Apr 20, 2003
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    Just a quick note. After plowing through these steps above a few times and not seeing the problem I had. I remembered that browsers can cache certs if you tell them to and won't let you back in if you've changed your server cert. So,

    If your browser is on a Mac, or you're using AOL ( netscape/mozilla). Goto preferences-security-certificates-manage certificates. Scroll down until you see anything familiar then delete it. In IE, it's internet options-content-certificates.

    sometimes it's the simple things....

    cPanel.net Support Ticket Number:
     
    #11 elor, Aug 4, 2003
    Last edited: Aug 4, 2003
  12. bennet

    bennet Well-Known Member

    Joined:
    Apr 25, 2002
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Brazil
    cPanel Access Level:
    Root Administrator
    Very good! Here it also worked, besides it increased it period of expiration of the certificate.

    Thank you

    cPanel.net Support Ticket Number:
     
  13. ricu5

    ricu5 Member

    Joined:
    Mar 14, 2003
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Tried all no avail

    Hello
    I tried everything above..still no ssl access to cpanel...
    ssl works on everything else though
    heres an error using curl from com line
    all ports are open firewall is off
    curl https://**.***.**.**/ without specifying port 2087,2096,2083
    returns this
    curl: (35) SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

    curl https://**.***.**.**:2087 or 2083 or 2096
    returns this
    curl: (7) Connect failed


    Rich

    cPanel.net Support Ticket Number:
     
  14. ricu5

    ricu5 Member

    Joined:
    Mar 14, 2003
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    SSL

    Hello
    I just upgraded to edge 145..I dont usually use edge..
    but the problem went away..
    Thanks

    cPanel.net Support Ticket Number:
     
  15. poppyq

    poppyq Well-Known Member

    Joined:
    Jul 15, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, TX
    When I run Reset cPanel/WHM Certificate from WHM it uses information such as GB for the country, Berkshire for the City and such instead of information pertaining to my server, where do I fix this so that it uses the correct info (including hostname)

    cPanel.net Support Ticket Number:
     
  16. poppyq

    poppyq Well-Known Member

    Joined:
    Jul 15, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, TX
    On second note, they do actually work (wasn't using the ssl ports such as 2087 for ssl whm instead of 2086 for non-ssl) however, I want to make the /cpanel and /whm redirects go to the ssl versions instead of to the non-ssl, how do I do this? I would have thought at installing the certificate it would do it automatically.

    cPanel.net Support Ticket Number:
     
Loading...

Share This Page