SSL + WHM BUG !!!

K

kerosin

Well-Known Member
Aug 27, 2002
83
0
156
Since I've reported this bug in bugzilla at 2002-09-01 and still nobody even assigned the bug and it's not fixed in 5.0.0build 59 I'm posting it here:

When I enable SSL by installing SSL certs on certain domain with cgi-bin
enabled then lines like this are added to httpd.conf and ssl is actually working:

---------------------------------------------------------------------
&IfDefine SSL&
&VirtualHost 192.168.0.30:443&
ServerAdmin [email protected]
DocumentRoot /home/weeds/public_html
ServerName www.weeds-nantucket.com
CustomLog /usr/local/apache/domlogs/www.weeds-nantucket.com-ssl_log &%t %{version}c %{cipher}c %{clientcert}c&
SSLEnable
SSLCertificateFile /usr/share/ssl/certs/www.weeds-nantucket.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/www.weeds-nantucket.com.key
SSLLogFile /var/log/www.weeds-nantucket.com
UserDir public_html

ScriptAlias /cgi-bin/ /home/weeds/public_html/cgi-bin/

SetEnvIf User-Agent &.*MSIE.*& nokeepalive ssl-unclean-shutdown
&/VirtualHost&
&/IfDefine&
---------------------------------------------------------------------


!!! But lines :

--------------
User weeds
Group weeds
--------------

in this SSL virtualhost section are missing. So IS IMPOSSIBLE TO RUN scripts same way like on non ssl host (with suExec) . Doesn't it seems like bug ?



Thanks

MichaL
 
K

kerosin

Well-Known Member
Aug 27, 2002
83
0
156
So, this really doesn't seems like bug to anybody ??????



Developers ? No comment? ;)



Michal
 
J

Juanra

Well-Known Member
Sep 22, 2001
777
0
316
Spain
Well it obviously seems to be a real bug, in fact it has been reported several times at bugzilla. I reported this in June:
http://www.cpanel.net/bugzilla/show_bug.cgi?id=663
http://www.cpanel.net/bugzilla/show_bug.cgi?id=790
http://www.cpanel.net/bugzilla/show_bug.cgi?id=798
(you might want to mark yours as duplicate of 790 ;) )
 
J

jsteel

Well-Known Member
Jul 4, 2002
646
0
166
Atlanta, GA
I have the following entry in my httpd.conf (IPs, Domains and Usernames have been masked below), but it causes Apache to fail loading. any ideas? The SSLCACertificateFile must be there as the bundle that CPanel has does not have the latest entry for InstantSSL.

Jaz
---------------------------------------------
&IfDefine SSL&
&VirtualHost ###.###.###.###:443&
ServerAdmin [email protected]
DocumentRoot /home/domain/public_html
ServerName secure.domain.com
CustomLog /usr/local/apache/domlogs/domain.com-ssl_log &%t %{version}c %{cipher}c %{clientcert}c&
User username
Group username
SSLEnable
SSLCertificateFile /usr/share/ssl/certs/secure.domain.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/secure.domain.com.key
SSLCACertificateFile /usr/share/ssl/certs/secure.domain.com.cabundle
SSLLogFile /var/log/secure.domain.com
UserDir public_html
ScriptAlias /cgi-bin/ /home/username/public_html/cgi-bin/
SetEnvIf User-Agent &.*MSIE.*& nokeepalive ssl-unclean-shutdown

&/VirtualHost&
&/IfDefine&
---------------------------------------------------------------------
 
J

jsteel

Well-Known Member
Jul 4, 2002
646
0
166
Atlanta, GA
I've got it loading now, however, I can't access the URL. I have an A record in the domain's zone file. Any ideas?
 
D

DaveUsedToWorkHere

Well-Known Member
Dec 28, 2001
686
1
318
[quote:f62eddf2f1][i:f62eddf2f1]Originally posted by jsteel[/i:f62eddf2f1]

I have the following entry in my httpd.conf (IPs, Domains and Usernames have been masked below), but it causes Apache to fail loading. any ideas? The SSLCACertificateFile must be there as the bundle that CPanel has does not have the latest entry for InstantSSL.

Jaz
---------------------------------------------
&IfDefine SSL&
&VirtualHost ###.###.###.###:443&
ServerAdmin [email protected]
DocumentRoot /home/domain/public_html
ServerName secure.domain.com
CustomLog /usr/local/apache/domlogs/domain.com-ssl_log &%t %{version}c %{cipher}c %{clientcert}c&
User username
Group username
SSLEnable
SSLCertificateFile /usr/share/ssl/certs/secure.domain.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/secure.domain.com.key
SSLCACertificateFile /usr/share/ssl/certs/secure.domain.com.cabundle
SSLLogFile /var/log/secure.domain.com
UserDir public_html
ScriptAlias /cgi-bin/ /home/username/public_html/cgi-bin/
SetEnvIf User-Agent &.*MSIE.*& nokeepalive ssl-unclean-shutdown

&/VirtualHost&
&/IfDefine&
---------------------------------------------------------------------
[/quote:f62eddf2f1]

Shouldn't there be a serveralias entry in the virtual host?
 
J

jsteel

Well-Known Member
Jul 4, 2002
646
0
166
Atlanta, GA
No, the ServerAlias is not required when it is exactly the same as the ServerName. It simply defines aliases to the server name.

The problem in this case was the lack of a NameVirtualHost parameter for port 43 just after the IfDefine tag.

Jaz
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
anton_latvia SOLVED WHM error - SSL_ERROR_INTERNAL_ERROR_ALERT Security 3
J WHM & SSL Question Security 5
A auto ssl not working on whm and all sites hosted on server Security 1
S cPanel and WHM both do not recognize SSL certificate Security 2
M [Urgent] SSL will expire but WHM not renewed him Security 5
Similar threads
SOLVED WHM error - SSL_ERROR_INTERNAL_ERROR_ALERT
WHM & SSL Question
auto ssl not working on whm and all sites hosted on server
cPanel and WHM both do not recognize SSL certificate
[Urgent] SSL will expire but WHM not renewed him
Top Bottom