Webmail subdomain not working

securityinfos

Registered
Apr 9, 2014
3
0
1
cPanel Access Level
Root Administrator
Since i have WHM 11.42.1 (build 5) version, https://webmail.domain.com gives me ssl error :
Codice di errore: ERR_SSL_PROTOCOL_ERROR

I tried to disable proxy subdomains and reenable but the problems persists
 

koda

Well-Known Member
Jan 10, 2014
63
2
58
cPanel Access Level
Root Administrator
SSL Webmail stopped redirecting from non-SSL url

Something really odd is happening this morning on one of our mail server.
Till yesterday, when we entered in the URL address: webmail.domainname.com we where correctly being redirected to https://webmail.domainname.com:2096

But this is not the case anymore this morning.

It gets redirected to: https://webmail.domainname.com WITHOUT the port and so gives an SSL error

We didn't tweak any setting. I checked all the "redirect" related settings in WHM and they are identical to our other server where redirecting still occurs.
I deleted browser cache and everything but this was not the problem.

Any hint will be much appreciated! Thanks
 
Last edited:

justjaph

Member
Oct 17, 2013
10
0
51
cPanel Access Level
Root Administrator
Hello.

Just to shed some light here:

The apache error_log has lots of "Invalid method in request \x16\x03\x01" related to this problem and it's tracked back to "ssl request on unencrypted port".

Apparently Apache is listening on port 443 but unencrypted: if you telnet webmail.domain.dom 443 and do a GET / <enter><enter>, you'll have a "plain" response and that shouldn't happen with SSL:

~$ telnet webmail.domain.dom 443
Trying xxx.xxx.xxx.xxx ...
Connected to webmail.domain.dom.
Escape character is '^]'.
GET /
<html><head><META HTTP-EQUIV="refresh" CONTENT="0;URL=/cgi-sys/defaultwebpage.cgi"></head><body></body></html>
Connection closed by foreign host.

Does this help narrowing it down ?
 

jerry1091

Registered
Aug 7, 2007
2
0
51
I think our issue is more that the Rewrite is not happening correctly in apache
This is the same for all the subdomain proxies (cpanel, whm, webmai, webdisk and autoconfig)
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
Hello :)

We have a few internal cases open regarding this issue. Please note the following entries in the change logs:

11.42.1.7
Fixed case 82597: CPanel proxy subdomains use the configured cPanel service cert.
Fixed case 97245: Corrected SSL redirect behavior for subdomain proxies.


11.42.1.1
Fixed case 46364: Updated cpanel proxy configuration to work with SSL properly.


Could you verify if the issue continues after upgrading to cPanel version 11.42.1.7?

Thank you.
 

RockingGamer

Registered
Apr 10, 2014
2
0
1
cPanel Access Level
Root Administrator
SSL connection error on certain domains

Hi There,

Until recently i could access webmail.domain.com and access the webmail.

But now it gives an error:

Secure Connection Failed

An error occurred during a connection to webmail.domain.co.uk. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long)

I know i can visit the webmail by going to domain.com/webmail but i would like to fix the problem if possible.

So does anyone have any ideas?

Thanks
 
Last edited by a moderator:

SS-Maddy

Well-Known Member
Mar 28, 2009
130
18
68
cPanel Access Level
Root Administrator
May be you could try upgrading WHM to 11.42.1.7 from 5 and see whether it solves the issue. It may if these issues reported and yours are related.
 

John D

Member
Feb 10, 2014
13
0
1
cPanel Access Level
Root Administrator
Hi, I've tried a /scripts/upcp --force but it is still saying i'm running 11.42.1.5 .. is this due to the mirror I am using, if so how can I change it to one that has the latest updates.

Thank you!
 

John D

Member
Feb 10, 2014
13
0
1
cPanel Access Level
Root Administrator
May be you could try upgrading WHM to 11.42.1.7 from 5 and see whether it solves the issue. It may if these issues reported and yours are related.
I've updated to EDGE build 11.42.1.7 and after doing a "/scripts/rebuildhttpdconf" and restarting httpd, SSL is now working properly again. No more "SSL Connection Error" due to sending un-encrypted html on port 443.
 

SS-Maddy

Well-Known Member
Mar 28, 2009
130
18
68
cPanel Access Level
Root Administrator
Good. But dont forget to set it back to release once it is pushed to release from edge.