Category: WHM

Moving your SSL Certificate to a new host in WHM

October 2, 2014 The Geek Decoder No Comments cPanel, SSL Certificates, WHM

Dedicated IP Transfer

If you select Dedicated IP for the account while transferring it, it should transfer with a working SSL certificate from cPanel to cPanel transfers. If you do not select Dedicated IP during the account transfer, it will transfer the certificate, but it will not install the SSL due to the dedicated IP missing.

If Transfered with a Shared IP

You should be able to re install the SSL using WHM > SSL/TLS > Install a SSL Certificate and Setup the Domain area by clicking the “Browse” button to find the domain.

If the domain isn’t listed, then that would mean the certificate didn’t get transferred. At that point, then you’d simply have to check /usr/local/apache/conf/httpd.conf on the old machine for the domain’s VirtualHost entry to find the path to the certificate, RSA key and cabundle files (normally, those are in /etc/ssl/certs and /etc/ssl/private locations).

Moving your SSL Certificate to a new host in WHM

Retrieve Data from WHMFind the SSL/TLS section in WHM

  • Click “ssl manager” in WHM
  • Click the disk icon for domain.com.crt (where domain.com is the domain you want to copy)
  • Copy that cert to notepad and save the file (this is the .crt information)
  • Click the disk icon for domain.com.key (where domain.com is the domain you want to copy)
  • Copy that information to notepad and save the file (this is the .key information)

WHM (Web Hosting Manager)

WebHost Manager is the control center of the CPanel / WebHost Manager package. It is used to set up and manage accounts. Use WHM to install your issued certificate.

You need both the certificate and key files to install the certificate.

To install an SSL certificate:

Click on the “Install an SSL Certificate and Setup the Domain link” in the SSL/TLS menu.
Paste the information from the .crt file in the top box (The .crt file starts with
—–BEGIN CERTIFICATE—–)
Enter the domain that the certificate is issued for, the user name for the users account, and Dedicated IP address assigned for the certificate in the Domain, User, and IP Address fields.
Paste the information from the .key file in the second box (The .key file starts with
—–BEGIN RSA PRIVATE KEY—–)
Check to make sure that the IP address and domain name and username is all correct then
Click on the button to install the certificate.
The last section for the “ca bundle” is not required as this is a single certificate install.

Problem adding addon domain in cpanel

August 27, 2014 The Geek Decoder No Comments cPanel, WHM

Error:

Sorry, the domain is already pointed to an IP address that does not appear to use DNS servers associated with this server. Please transfer the domain to this servers nameservers or have your administrator add one of its nameservers to /etc/ips.remotedns and make the proper A entries on that remote nameserver.

Logon to WHM Select Tweak Settings under Server Setup Put checkboxes next to both: Allow Creation of Parked/Addon Domains that are not registered Allow Creation of Parked/Addon Domains that resolve to other servers (ie domain transfers) [This can be a major security problem. If you must have it enabled, be sure to not allow users to park common internet domains.]

Server Load High in cPanel/WHM Server

August 23, 2014 The Geek Decoder No Comments Apache, cPanel, WHM

Check the settings and add/adjust as follows:

Find the configuration file:

root@serv [~]# /usr/local/apache/bin/httpd -V
Server version: Apache/2.2.27 (Unix)
Server built:   Jun 12 2014 01:44:45
Cpanel::Easy::Apache v3.24.19 rev9999
Server's Module Magic Number: 20051115:33
Server loaded:  APR 1.5.0, APR-Util 1.5.3
Compiled using: APR 1.5.0, APR-Util 1.5.3
Architecture:   64-bit
Server MPM:     Prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/prefork"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses disabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/usr/local/apache"
 -D SUEXEC_BIN="/usr/local/apache/bin/suexec"
 -D DEFAULT_PIDLOG="logs/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_LOCKFILE="logs/accept.lock"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

The config file is usually at:
/usr/local/apache/conf/httpd.conf

Add/Edit the config:

Start Servers 32
Minimum Spare Servers 32
Maximum Spare Servers 256
Server Limit 2000
Max Clients 1500
Keep-Alive On

How to Install an SSL Certificate via WHM with Root Access

July 30, 2014 The Geek Decoder No Comments cPanel, SSL Certificates, WHM

1. Login to your WHM
2. Assigned dedicated IP – You will then select the IP Functions icon from the Main Menu.

Then, select ‘Change Site’s IP Address’ icon. You will now see a list of the domains and users on your server. Find the domain you are wishing to install the SSL Certificate on and click the ‘Change’ button at the bottom of the page. You will now be given a drop down list of available IPs for you to assign to your site. Select the IP you want and click the ‘Change’ button and your site’s IP will be changed (Make sure not to set this to ‘main shared IP’).

whm-ssl-domain-ip-user-fields

3. Install the SSL Certificate – Go back to the Main Menu and select the ‘SSL/TLS’ icon.

Then select ‘Install an SSL Certificate on a Domain’ icon. You will then be taken to the ‘Install an SSL Certificate on a Domain’ management page. You will need to fill out all fields in order to install the SSL Certificate.

A. Enter the CSR into the first field.

whm-ssl-csr-field

The SSL Manager will then try to fetch the rest of the fields needed. It should fill in the next three fields as such.

If any of this information isn’t correct then your SSL Certificate isn’t issued properly and you need to contact your SSL issuer for them to assist you with having the SSL Certificate reconfigured.

B. You will now need to insert the RSA key (If one was automatically fetched for you, please replace it with the one we have given you).

whm-ssl-rsa-field

C. You will then need to enter your CA Bundle in the last field (If you do not enter a CA then the SSL Certificate will appear as self-signed and a warning will be shown when customers attempt to access your site securely).

whm-ssl-ca-bundle-field

Once you enter all three needed aspects of the SSL Certificate (CRT, RSA, and CA Bundle) then click the ‘Install’ button. The server will then install the SSL Certificate and notify of completion or if any errors that may have occurred. The new certificate should begin to work immediately and you may view your site using https:// to confirm this.

Newer Panels Versions

Manually enter information

To manually enter all of the information for your certificate:

Enter your domain in the Domain field.

When you enter the complete domain name, the Autofill by Domain option will appear next to the Domain field. If you wish to continue to enter information manually, do not click Autofill by Domain.
If the selected domain is not dedicated to a specific IP address, select an available IP address from the IP Address menu. You can only select an IP address that is labeled as shared oravailable.
In the Certificate field, copy and paste the entire contents of your certificate’s .crt file.
In the Private Key field, copy and paste the entire contents of your certificate’s .key file.
If you chose to install a purchased certificate, you may need to fill in the Certificate Authority Bundle (optional) field. If you do not have the information, contact the organization from which you purchased the certificate.
Click Install.
You can click Reset to remove the information from all fields.
If the installation is successful, WHM will display a message to indicate that the certificate installed. If the installation is unsuccessful, WHM will display an error message to indicate the problem. More information about how to troubleshoot an SSL installation is available.

Error with restarting SSHD in WHM

July 21, 2014 The Geek Decoder No Comments WHM

Issue

Error with restarting SSHD in WHM. Verified the error, but SSHD appears to restart and take changes anyways even though the error is reported by WHM. Restarted SSHD from SSH does not show any errors and there is nothing in the logs about any errors with SSHD.

Fix

The issue here is that SSH is running on a non-standard port (3333). WHM/Cpanel doesn’t support non-standard ports in WHM.

DNS Glue records in WHM

April 27, 2014 The Geek Decoder No Comments DNS, WHM

You must add this DNS glue record to use you nameservers.

  1. Log into WHM.
  2. Navigate to the DNS Functions section.
  3. Click on the Edit DNS Zone option.
  4. Select the domain that you need to add the Records to.
  5. Click the Edit button and wait for the page to load.
  6. In the first blank, type ns1.
  7. Skip the box with 14400, and go to the drop-down box.
  8. In the drop-down box, select A. A new box will appear.
  9. Erase the IP or hostname within the box.
  10. Type in the IP address for the NS1 private nameserver.
  11. In the second blank, type ns2.
  12. Skip the box with 14400, and go to the drop-down box.
  13. In the drop-down box, select A. A new box will appear.
  14. Erase the IP or hostname within the box.
  15. Type in the IP address for the NS2 private nameserver.
  16. Scroll all the way down to the bottom of the page and click the Save button.

When you get to the last step, your A record entries should look similar to the following:

Glue Record