Okay, the situation is this: for reasons unknown the SSL links into CPanel and WHM have stopped working (the non-SSL ones work fine).
I have scanned the forums both here and at cpanel.net and tried such things as:
- Restarting CPanel (in as many ways as I can think of).
- Restarting Apache (with SSL, via the service and in any way I could thing of).
- Restarting stunnel.
- Regenerating and reinstalling the cpanel.pem certificate.
- Restoring the certificates from known working backups.
- Rebuilding Apache to ensure SSL is built in okay.
- Getting the latest CPanel from upcp.
- Rebooting the machine.
All to no avail.
The only clue I have is that when shutting down CPanel, it looks like the Cpanel SSL service isn't there:
Stopping cPanel services: [ OK ]
Stopping webmail services: [ OK ]
Stopping pop3 services: [ OK ]
Stopping cPanel log services: [ OK ]
Stopping cPanel Chat services: [FAILED]
Stopping Melange Chat services: [FAILED]
Stopping InterChange services: [FAILED]
Stopping cPanel ssl services: [FAILED]
Stopping Web Host Manger services: [ OK ]
Stopping mailman services: Shutting down Mailman's master qrunner
When I start it up, though, it looks okay:
Starting SMTP Tweak: [ OK ]
Starting eximstats: [ OK ]
Starting cPanel services: [ OK ]
Starting WebMail services: [ OK ]
Starting pop3 services: [ OK ]
Starting cPanel Chat services:
Starting Melange Chat services:
Starting cPanel ssl services: [ OK ]
Starting Web Host Manager services: [ OK ]
Starting mailman services: Starting Mailman's master qrunner.
A check of the logs doesn't indicate a problem with CPanel's SSL services, but those shutdown messages seem to indicate there is one.
All other SSLs on the box work fine, so I don't believe this is a global SSL problem.
I've been scratching my head all day on this (and I have little enough hair left as it is, so I can ill afford to keep doing this) and I am simply out of ideas, so if anyone has any suggestions I'd be most grateful.
Full Version: CPanel/WHM SSL
Have you checked the firewall?
Try, once you've SSHd into the server, typing "telnet 127.0.0.1 2087" did you get "Connection refused" (i.e. the SSL side of WHM isn't even listening)
Try, once you've SSHd into the server, typing "telnet 127.0.0.1 2087" did you get "Connection refused" (i.e. the SSL side of WHM isn't even listening)
Hi,
Thanks for the suggestion.
I checked the firewall and port 2087 is allowed through. However the "telnet 127.0.0.1 2087" test does indeed give a 'Connection refused' reponse. Wouldn't I expect that though with telnet disabled?
Thanks for the suggestion.
I checked the firewall and port 2087 is allowed through. However the "telnet 127.0.0.1 2087" test does indeed give a 'Connection refused' reponse. Wouldn't I expect that though with telnet disabled?
No when you type "telnet localhost 2087" you are telling it to connect on port 2087 instead of the standard telnet port. Telnet is a great tool for telling if something is working.
As for your problem try and manually restart the ssl software and see what error you get:
# /usr/bin/stunnel-4.04local /usr/local/cpanel/etc/stunnel/default/stunnel.conf
As for your problem try and manually restart the ssl software and see what error you get:
# /usr/bin/stunnel-4.04local /usr/local/cpanel/etc/stunnel/default/stunnel.conf
QUOTE
Originally posted by eth00
No when you type "telnet localhost 2087" you are telling it to connect on port 2087 instead of the standard telnet port. Telnet is a great tool for telling if something is working.
As for your problem try and manually restart the ssl software and see what error you get:
# /usr/bin/stunnel-4.04local /usr/local/cpanel/etc/stunnel/default/stunnel.conf
No when you type "telnet localhost 2087" you are telling it to connect on port 2087 instead of the standard telnet port. Telnet is a great tool for telling if something is working.
As for your problem try and manually restart the ssl software and see what error you get:
# /usr/bin/stunnel-4.04local /usr/local/cpanel/etc/stunnel/default/stunnel.conf
Hi,
Thanks for the above. It didn't give any error messages at the command prompt, but what it did do was issue some messages to the log (which I wasn't getting previously).
The upshot of this is that it indicated that imaps was conflicting with stunnel somewhere, so I disabled imaps in /etc/xinetd/imaps, restarted xinet and the SSL WHM/CPanel started to work again.
What is odd is that I don't have an imaps file in my other two CPanel systems (just a cpimap file).
I just hope nothing actually needs imaps!
Thanks again for your help.
I am having this exact same problem no my cPanel box! 2087 and 2083 are bot repsonding on https. 2086/2082 work fine on http though. I was attempting to set up SSL when this happened. I think I screwed up and inadvertantly tried to install my QuickSSL cert om the main shared IP for the box and this is what caused my problem. Now I can't get it fixed. Any ideas on what I need to do to get my cPanel box running https again?
Thanks,
DB
Thanks,
DB
Well what errors do you get when you run the above program, its probably something to do with the cert for the ssltunnel.
Wehn I try to go to WHM/cPanel on 2087/2083 I get the standard "The page cannot be displayed" error. I tried to telnet 127.0.0.1 2087 and got "connection refused". I even tried to install my own ccl cert for secure.mydomain.com and all went fine as in I got no errors. Then when I try to go to secure.mydomain.com I get the "The page cannot be displayed" error again.
DB
DB
Hi,
Try running: /usr/bin/stunnel-4.04local /usr/local/cpanel/etc/stunnel/default/stunnel.conf then looking in /var/log/messages. This is what actually gave me the clue that led to sorting it out.
Try running: /usr/bin/stunnel-4.04local /usr/local/cpanel/etc/stunnel/default/stunnel.conf then looking in /var/log/messages. This is what actually gave me the clue that led to sorting it out.
Well I got this solved. The techs at EV1 got it all sorted out. I am not sure what happened. Waiting for the response to the TT now!
Wow, you have been waiting a really long time for the TT update 
Hey I know this is a pretty old post, but any chance of an update. Same exact thing happenning on one of our systems and thought maybe no need to go over all this stuff again in a new post.
THX
Hey I know this is a pretty old post, but any chance of an update. Same exact thing happenning on one of our systems and thought maybe no need to go over all this stuff again in a new post.
THX
Login to the non-ssl WHM and try "Reset cPanel/WHM Certificate"
I had tried that yesterday and again now. I was getting a little discouraged since that didnt work, but after applying the ole MS theory of graceful reboot ... BAM!! That did it!
Thanks for the help. Good fix.
Thanks for the help. Good fix.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.