The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM SSL key keeps getting reset

Discussion in 'General Discussion' started by philpem, May 3, 2006.

  1. philpem

    philpem Member

    Joined:
    Aug 12, 2005
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    151
    Hi,
    In December last year I got a LiteSSL certificate for my hosting server, mainly because the "OMG! This is a selfsigned certificate!" warnings from Firefox were getting annoying.

    The problem is, the certificate just won't install through the "Set cPanel/WHM certificate" function. To get around this, I found a method that involved overwriting the cPanel certificate in /usr/local/cpanel/etc/cpanel.pem with the certificate from LiteSSL. Up until now, this has worked fine.

    Now every day at midnight, the certificate is regenerated and the original certificate gets overwritten with cPanel's self signed certificate. This is incredibly annoying, because I have to reinstall the new certificate every time it gets overwritten.

    The CN on the certificate is 'secure.castlecore.com' - that's the address customers use to access WHM, and that's what I entered in the Set Certificate page's "Domain" box. I also tried "castlecore.com", which didn't work either. There's also an SSL server set up on the same address, which is being using for the secure signup pages and scripts (our creation).

    Is there any way to deal with this? Ideally I'd like to get the cPanel "Set cPanel/WHM" certificate function working (or at least find out why it isn't working), but even a way to stop my certificate getting overwritten every day would be useful.

    Thanks.
     
    #1 philpem, May 3, 2006
  2. Rooter

    Rooter Well-Known Member

    Joined:
    Apr 23, 2003
    Messages:
    146
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    Root Administrator
    I have a couple LiteSSL certificates myself as well. Here is what I did to temporarily fix it until cPanel stops overwriting the files.

    What this does is set the immutable bit on the file so that it cannot be modified or removed.
    chattr -V +i /usr/local/cpanel/etc/mycpanel.pem /usr/local/cpanel/etc/mycpanel.cabundle

    To undo the above change:
    chattr -V -i /usr/local/cpanel/etc/mycpanel.pem /usr/local/cpanel/etc/mycpanel.cabundle

    To simply see whether or not these files have the immutable bit currently set:
    lsattr /usr/local/cpanel/etc/mycpanel.*

    In my case, I set it to a few more files to help prevent certain updates from breaking SSL for my FTP and mail services.
    /etc/ssl/private/pure-ftpd.pem (This is only applicable if you use Pure-FTPd.)
    /etc/exim.key /etc/exim.crt (Both of these are of course for Exim.)

    To modify the immutable bit for all of the files at once simply append the extra file paths to the command line separated by spaces.

    Be sure to remember that you have done this or at least make note of it somewhere if you even think you might forget because when it comes time to renew or replace your SSL certificate it could cause you a big headache trying to remember how or what you did.
     
    #2 Rooter, May 5, 2006
  3. philpem

    philpem Member

    Joined:
    Aug 12, 2005
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    151
    It's supposed to be copied in as mycpanel.pem? Wow, that explains a fair bit...

    Copied it in as mycpanel.{pem,cabundle} last night - hopefully cP will leave it alone now. If not, I'll chmod +i it.

    Thanks for the help.
     
    #3 philpem, May 6, 2006
    Last edited: May 6, 2006
(You must log in or sign up to post here.)
Loading...
Similar Threads - keeps getting reset
  1. Benjamin Boyce

    Shared Server keeps getting black listed.

    Benjamin Boyce, Jan 22, 2017, in forum: E-mail Discussions
    Replies:
    3
    Views:
    256
    cPanelMichael
    Jan 25, 2017
  2. sallad131

    Cron Job Keeps Changing...

    sallad131, May 24, 2017, in forum: General Discussion
    Replies:
    1
    Views:
    74
    cPanelMichael
    May 24, 2017
  3. gseven

    MySQL Keeps Crashing

    gseven, Mar 25, 2017, in forum: Database Discussions
    Replies:
    7
    Views:
    414
    ssfred
    Mar 29, 2017
  4. mikefromnz

    Apache keeps rebooting and PHP-FPM 500's

    mikefromnz, Mar 3, 2017, in forum: EasyApache
    Replies:
    1
    Views:
    246
    cPanelMichael
    Mar 3, 2017
  5. alvie90s

    Cpanel keeps blocking my IP address

    alvie90s, Jan 24, 2017, in forum: General Discussion
    Replies:
    1
    Views:
    410
    cPanelMichael
    Jan 25, 2017

Share This Page