ssl/tls status output is blank

J

jndawson

Well-Known Member
Aug 27, 2014
350
39
78
Western US
cPanel Access Level
DataCenter Provider
The 'SSL/TLS Status' on one of our cpanel boxes stopped working - page comes up with column headers and blank data (see attached). SSL certs appear as normal in all other links. Not sure when this happened - customer brought it to our attention this morning.

This is true on all accounts we've checked (of about 550 that exist on this server). Also, the 'Advanced settings' toggle doesn't toggle or display anything. Rerunning autossl doesn't make a difference, and the scripts in /scripts/ don't appear to be related to correcting the problem.

using v.66.0.18 on Centos 6.9 w/ EA3

ssl_tls_status.png
 
Last edited:
F

fuzzylogic

Well-Known Member
Nov 8, 2014
154
95
78
cPanel Access Level
Root Administrator
Maybe have a look at your Modsecurity Hits List at...
WHM Home » Security Center » ModSecurity™ Tools » Hits List
then search for the phrase tls_status
to see if there are any corresponding rule hits.
That page view makes 2 http requests one for the part displayed in your attached image and another for the form content (the missing part of your attached image)
Both requests have the phrase tls_status in the request uri.
 
F

fuzzylogic

Well-Known Member
Nov 8, 2014
154
95
78
cPanel Access Level
Root Administrator
The request uri for the 2nd request is
/cpsessxxxxxxxxxx/frontend/paper_lantern/security/tls_status/views/view_domains.html.tt
which looks fairly safe to pass through most rule sets.
the response however has some funky looking strings in it though which I would suspect would not pass through many rule sets...
Code: 
="{{ :: domain.domain }}">{{ :: domain.domain }}</
would have to be considered high risk for tripping over a rule.

To be blocked by a Response rule SecResponseBodyAccess would have to be set to...
SecResponseBodyAccess On

Modsecurity default value is Off
cPanel OWASP3 (not specified, so Off)
OWASP CRS 3.0.0 (not specified, so Off)
Comodo CWAF_Apache (Set to Off)

This could possibly be a difference between cPanel boxes if they all have the same modsecurity rule sets. (and assuming that a modsecurity rule is causing this problem, which has not been confirmed)
 
Last edited:
J

jndawson

Well-Known Member
Aug 27, 2014
350
39
78
Western US
cPanel Access Level
DataCenter Provider
fuzzylogic said:
Maybe have a look at your Modsecurity Hits List at...
WHM Home » Security Center » ModSecurity™ Tools » Hits List
then search for the phrase tls_status
to see if there are any corresponding rule hits.
That page view makes 2 http requests one for the part displayed in your attached image and another for the form content (the missing part of your attached image)
Both requests have the phrase tls_status in the request uri.
Click to expand...
Nope, not a modsec issue, and it's the only cpanel box that it's happening on.
 
F

fuzzylogic

Well-Known Member
Nov 8, 2014
154
95
78
cPanel Access Level
Root Administrator
Have you had a look at the Response code (in Firefox firebug or Chrome Developer tools) for the second request of that page load?
Or is the 2nd request even being made?
Here are the 2 requests made when I try to reproduce the problem...
Code: 
cpsessxxxx/frontend/paper_lantern/security/tls_status/#/
cpsessxxxx/frontend/paper_lantern/security/tls_status/views/view_domains.html.tt
Both requests return a 200 OK response code in my setup.

I can't find the second url hard coded in the html source so I assume it is written by JavaScript.
So if the 2nd request is not being made then suspect a JavaScript error.
If JavaScript error is suspected try changing cPanel theme if not using paper_lantern.
 
J

jndawson

Well-Known Member
Aug 27, 2014
350
39
78
Western US
cPanel Access Level
DataCenter Provider
fuzzylogic said:
I can't find the second url hard coded in the html source so I assume it is written by JavaScript.
So if the 2nd request is not being made then suspect a JavaScript error.
If JavaScript error is suspected try changing cPanel theme if not using paper_lantern.
Click to expand...
Thanks for the tip. It's definitely a rendering issue due to javascript error.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,267
463
Hello,

Do you notice any output to /usr/local/cpanel/logs/error_log when you encounter this issue?

Thank you.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,267
463
jndawson said:
No, nothing in any logs anywhere. That's what's puzzling. We'll be opening a ticket, at some point, if we can't figure it out.
Click to expand...
Could you post the ticket number here once the ticket is opened?

Thanks.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
amstel SSL/TLS: Renegotiation DoS Vulnerability Security 3
Alrissa SOLVED SSL/TLS status icon is missing Security 8
R SSL/TLS Status is blank Security 1
M ERROR SSL INSTALL: TLS Status: Defective Security 3
sneader SOLVED SSL/TLS Status feature question Security 2
Similar threads
SSL/TLS: Renegotiation DoS Vulnerability
SOLVED SSL/TLS status icon is missing
SSL/TLS Status is blank
ERROR SSL INSTALL: TLS Status: Defective
SOLVED SSL/TLS Status feature question
Top Bottom