SOLVED Your free cPanel-signed hostname SSL certificate (DNSONLY)

Wallu

Active Member
Jan 13, 2020
28
7
3
Finland
cPanel Access Level
Root Administrator
Hi all!

A bit confused here, but if this is somehow true, I'm glad :)

Just received two emails (with certs), one for each NS saying:

---
(topic) Your free cPanel-signed hostname SSL certificate for ns3.xxxxxxx.xx is available

Your system upgrade to cPanel & WHM includes a free SSL certificate for your server's hostname. This email confirms that the system will soon automatically download and install your free SSL certificate.
---

Now, both of these servers are DNSONLY, which means there is no Apache, no /var/www/html/ or /usr/local/apache/htdocs/ ...and I have port 80 closed.

My question is: should I open port 80 (even though everything gets denied there because no webserver), or how does this work?

Thanks,

- Wallu
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,271
313
Houston
Hello,

We install the certificate for cPanel/WHM services specifically(cpsrvd in this instance primarily). While it can be installed for apache you wouldn't need to install this for DNSOnly because there's no webserver and you wouldn't need to open those ports.
 

Wallu

Active Member
Jan 13, 2020
28
7
3
Finland
cPanel Access Level
Root Administrator
Hi Lauren, thanks for replying.

Actually, after your reply, I checked one of my NS, and I can see that there is a cert from cPanel. Even though it's "just" a DNSONLY server, it's good to have real cert for port 2087. Better than self-signed. Awesome.

The reason I was not seeing this before, is that my browser (Chrome) is still saying that it's not secure, although the cert is valid. Not sure why.

EDIT: while writing this: I logged out, closed the tab and refreshed the page on a new tab, all is good now. No more "Not secure".

Sorry about the confusion, all is good now.

Thanks!

- Wallu
 
  • Like
Reactions: cPanelLauren