The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Trouble using install_ssl via api

Discussion in 'cPanel Developers' started by gsusonline, Jul 18, 2017.

Tags:
  1. gsusonline

    gsusonline Registered

    Joined:
    Jul 18, 2017
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Edinburgh
    cPanel Access Level:
    Website Owner
    Hi there, i'm wondering if someone can help?

    I have a php web application (run on dedicated server) that requires the creation of databases / subdomains on the fly. We use the cPanel API to create these dbs/users/suddomains, however we also require the each subdomain we create to user our wildcard SSL cert. Currently we have to ask our service providers to add the SSL to our newly created subdomain which is quite annoying.

    We currently use a library class to make the calls to the cPanel api - github.com/N1ghteyes/cpanel-UAPI-php-class which covers api1 / api2 / uapi and works great for all the request apart from install SSL, which doesn't work, this is the call we currently make;

    Code:
    $installssl = $capi->uapi->SSL->install_ssl(array(
                'domain'    => $databasename.".".$url,
                'cert'      => '-----BEGIN CERTIFICATE-----
            XXX
            -----END CERTIFICATE-----',
                'key'       => '-----BEGIN RSA PRIVATE KEY-----
            XXX
            -----END RSA PRIVATE KEY-----',
                'cabundle'      => '-----BEGIN CERTIFICATE-----
            XXX
            -----END CERTIFICATE-----',
        ));
    This attempt is using the uapi but doesn't do anything - cerficates just show as did their default self-signed. Having tried this multiple times, i wanted to rule out the being an issue with the class, so I walked through the uapi documentation example and used the function they have prepared for this, see below;

    Code:
    public function cPanelSSLInsert(){
            // Log everything during development.
            error_reporting(E_ALL);
    
            $cpanelusr = 'XXX';
            $cpanelDBUser = 'XXX';
            $cpanelpass = 'XXX';
            $url = 'XXX';
            $capi = new cpanelAPI($cpanelusr, $cpanelpass, $url);
            $databasename = $this->sitenames;
            $databaseuser = $this->username;
            $databasepass = $this->password;
    
            // Declare your username and password for authentication.
            $username = $cpanelusr;
            $password = $cpanelpass;
    
            // Define the API call.
            $cpanel_host = 'localhost';
            $request_uri = "[URL]https://$cpanel_host:2083/execute/SSL/install_ssl[/URL]";
    
            // Set up the payload to send to the server.
            $payload = array(
                'domain' => $databasename.".".$url,
                'cert'   => '-----BEGIN CERTIFICATE-----
                    XXX
                    -----END CERTIFICATE-----',
                'key'    => '-----BEGIN RSA PRIVATE KEY-----
                    XXX
                    -----END RSA PRIVATE KEY-----'
            );
    
            // Set up the cURL request object.
            $ch = curl_init( $request_uri );
            curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
            curl_setopt( $ch, CURLOPT_USERPWD, $username . ':' . $password );
            curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
            curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
    
            // Set up a POST request with the payload.
            curl_setopt( $ch, CURLOPT_POST, true );
            curl_setopt( $ch, CURLOPT_POSTFIELDS, $payload );
            curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
    
            // Make the call, and then terminate the cURL caller object.
            $curl_response = curl_exec( $ch );
            curl_close( $ch );
    
            // Decode and validate output.
            $response = json_decode( $curl_response );
            if( empty( $response ) ) {
                echo "The cURL call did not return valid JSON:\n";
                die( $response );
            } elseif ( !$response->status ) {
                echo "The cURL call returned valid JSON, but reported errors:\n";
                die( $response->errors[0] . "\n" );
            }
    
            // Print and exit.
            // die( print_r( $response ) );
        }
    However this returns the following error;

    "The cURL call returned valid JSON, but reported errors: The certificate could not be installed on the domain XXX"

    It seems like no matter what i do, i cannot create an SSL certificate via the API. Can anyone help at all?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,086
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  3. gsusonline

    gsusonline Registered

    Joined:
    Jul 18, 2017
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Edinburgh
    cPanel Access Level:
    Website Owner
    Hi there,

    Thanks for your reply. I've tried this and it does not make a difference unfortunately. Please see updated code below;

    Code:
    public function cPanelSSLInsert(){
           // Log everything during development.
           error_reporting(E_ALL);
    
           $cpanelusr = 'XXX';
           $cpanelDBUser = 'XXX';
           $cpanelpass = 'XXX';
           $url = 'XXX';
           $capi = new cpanelAPI($cpanelusr, $cpanelpass, $url);
           $databasename = $this->sitenames;
           $databaseuser = $this->username;
           $databasepass = $this->password;
    
           // Declare your username and password for authentication.
           $username = $cpanelusr;
           $password = $cpanelpass;
    
           // Define the API call.
           $cpanel_host = 'localhost';
           $request_uri = "[URL]https://$cpanel_host:2083/execute/SSL/install_ssl[/URL]";
    
    [INDENT]// Define the SSL certificate and key files.[/INDENT]
            $cert_file = realpath("protected/extensions/cpanel-UAPI-php-class-master/cert.crt");
            $key_file = realpath("protected/extensions/cpanel-UAPI-php-class-master/key.key");
            $ca_file = realpath("protected/extensions/cpanel-UAPI-php-class-master/cabundle.crt");
    
           // Set up the payload to send to the server.
           $payload = array(
                'domain' => $databasename.".".$url,
                'cert'   => file_get_contents($cert_file),
                'key'    => file_get_contents($key_file),
                'cabundle'    => file_get_contents($ca_file),
           );
    
           // Set up the cURL request object.
           $ch = curl_init( $request_uri );
           curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
           curl_setopt( $ch, CURLOPT_USERPWD, $username . ':' . $password );
           curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
           curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
    
           // Set up a POST request with the payload.
           curl_setopt( $ch, CURLOPT_POST, true );
           curl_setopt( $ch, CURLOPT_POSTFIELDS, $payload );
           curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
    
           // Make the call, and then terminate the cURL caller object.
           $curl_response = curl_exec( $ch );
           curl_close( $ch );
    
           // Decode and validate output.
           $response = json_decode( $curl_response );
           if( empty( $response ) ) {
               echo "The cURL call did not return valid JSON:\n";
               die( $response );
           } elseif ( !$response->status ) {
               echo "The cURL call returned valid JSON, but reported errors:\n";
               die( $response->errors[0] . "\n" );
           }
    
           // Print and exit.
           // die( print_r( $response ) );
       }
    I've tested the paths to these files are correct and it pulls the correct files. But i still get the following response;

    "The cURL call returned valid JSON, but reported errors: The certificate could not be installed on the domain “XXX”."
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,086
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    This can sometimes happen if you are using the wrong CABundle, or not including the CABundle as part of the certificate installation, however it looks like you are entering a CABundle based on your example. Could you open a support ticket using the link in my signature so we can take a closer look to see what might be causing this error message.

    Thank you.
     
  5. gsusonline

    gsusonline Registered

    Joined:
    Jul 18, 2017
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Edinburgh
    cPanel Access Level:
    Website Owner
    Hi there, apologies, had completely missed your comment. I tried to open a ticket, but i do not have access to the WHM as root, so i can't open the support ticket wizard - is there a facility to create a support ticket with a WHM user?
     
  6. gsusonline

    gsusonline Registered

    Joined:
    Jul 18, 2017
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Edinburgh
    cPanel Access Level:
    Website Owner
    I'll get out server guys to open this ticket as it will take to long otherwise. Thanks, will get this done just now
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,086
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Feel free to post the ticket number here once it's opened and we will update this thread with the outcome.

    Thanks!
     
Loading...

Share This Page