
SSL whm login

Discussion in 'Server Configuration and Hosting' started by NeoCHI, Mar 9, 2014.

  1. NeoCHI

    NeoCHI Active Member

    So I've been procrastinating on this. Basically, I have a dedicated server where my forum runs and whenever I go to the whm login page it shows:

    The site's security certificate is not trusted!
    blah blah blah

    I don't fully understand the scope of this warning and have googled about it. Basically, my question is, is it important to set up an SSL certificate for my whm login? If so can someone point me in the direction of how to get this done?
     
  2. MattW

    MattW Well-Known Member

    Buy a cert, verify the domain name in use, and install the cert in WHM for the services

    upload_2014-3-9_11-49-37.png
     
  3. woei

    woei Well-Known Member

    Self-signed certificates are not accepted by most browsers. You can try to import it on your system, but it's only accepted by default on your system then. It's not really important to have a certificate but it does give an extra layer of security, you know for sure you are connecting to the server and not some other server. If you want a cheap, good and well-accepted certificate like Positive SSL, I can recommend https://www.namecheap.com/security/ssl-certificates.aspx for as low as 8$. I have done so for my cPanel server and am planning to make my current forum also available in SSL :)
     
  4. NeoCHI

    NeoCHI Active Member

    What should I use as my domain name? My IP? When I go to my WHM it's basically my server's IP:2087

    Which certificate should I use? I don't see one for 8$
     
  5. MattW

    MattW Well-Known Member

    Whatever you want. I have mine as a subdomain of my main site domain name, i.e. cpanel.mattwservices
     
  6. woei

    woei Well-Known Member

  7. Sheratan

    Sheratan Well-Known Member

    Be careful. If you install SSL for a single domain, you might see an SSL error if you access cpanel.yourdomain.com

    You need a wildcard if you want SSL for your domain and subdomain.
     
  8. MattW

    MattW Well-Known Member

    Not if you buy a cert for each domain + subdomain
     
  9. Sheratan

    Sheratan Well-Known Member

    That will be a little bit overkill... if you had 5 or more subdomains :D (5 SSL, each $10 = $50 vs 1 $50 Wildcard SSL)

    But yeah. You can do that.
     
  10. woei

    woei Well-Known Member

    Indeed. In my situation I only need 2 certificates. So it's cheaper to buy 2 single domain certificates than 1 wildcard certificate for the whole domain.
     
  11. MattW

    MattW Well-Known Member

    True, but I only have two, which is why I made the suggestion ;)
     
  12. RoldanLT

    RoldanLT Well-Known Member

    Use startssl, it's free ;)
     
  13. woei

    woei Well-Known Member

    You are familiar with the expression if you are not paying for it then you are the customer? StartSSL has been hacked in the past. It's ok to use for securing your link to cPanel, but I'd rather use a bigger company such as Comodo or GeoTrust. Also I think the TS will need some serious support for installing his certificate...
     
  14. WSWD

    WSWD Well-Known Member

    Or you could just not do anything and deal with the error. Assuming you don't have clients on your server, you don't need an SSL certificate. The connection is still secure...the error is just saying that your browser doesn't recognize the certificate. In fact not only is the connection still secure, it's just as secure as it would be if you had a recognized certificate.

    So to answer your second question, no, it's not important to set up an SSL certificate for your login.
     
  15. NeoCHI

    NeoCHI Active Member


    How is it just as secure? Doesn't SSL make sure you're logging into your server and not like a made up server someone makes you see to get your password... I dunno, read something like that online. Also something about packet sniffing...
     
  16. WSWD

    WSWD Well-Known Member

    That's the thing...you're still using SSL. If you go to www.yoursite.com:2087 (or /whm), the connection is still secure. All the traffic is going over the SSL connection, regardless of what type of certificate you use.

    You just happen to be using a self-signed certificate, which is why your browser has a fit and gives you all the notifications. The certificate is not from a trusted authority. Of course not...it's from your server. :)

    That's why I asked about other people/clients using your server. If it's just you, and you don't mind getting the error messages, it is just as secure for you to use that self-signed certificate as it is to use one you purchased. The actual SSL connection does not change.

    We run purchased certificates on our hosting servers, for example, because clients get a little worried by the errors and notifications otherwise. They don't understand that it's just as secure either way.
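
Added example, not part of the thread: for the self-signed setup discussed here, this Python code compares the SHA-256 fingerprint of the certificate the WHM port presents against a value recorded on the server itself, so a substituted certificate is noticed before any password is sent. The host address, the pinned value and all function names are assumptions, and the sample certificate bytes are constructed stand-ins so the demo runs offline.

```python
import hashlib
import hmac
import socket
import ssl


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 of the DER certificate as colon-separated uppercase hex pairs."""
    digest = hashlib.sha256(der_cert).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def _normalize(fp: str) -> str:
    # Accept "AA:BB:..", "aabb.." or space-separated input.
    return fp.replace(":", "").replace(" ", "").lower()


def matches_pin(der_cert: bytes, pinned_fp: str) -> bool:
    """True only if the presented certificate is exactly the pinned one."""
    return hmac.compare_digest(_normalize(fingerprint(der_cert)), _normalize(pinned_fp))


def fetch_der_cert(host: str, port: int = 2087, timeout: float = 5.0) -> bytes:
    """Fetch the certificate the server presents, without CA validation."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE  # the pin comparison below replaces CA trust
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def check_server(host, pinned_fp, port=2087, fetch=fetch_der_cert):
    """Return (ok, presented_fingerprint); send no credentials unless ok is True."""
    der = fetch(host, port)
    return matches_pin(der, pinned_fp), fingerprint(der)


# Constructed stand-ins for DER certificates so the demo runs offline.
SAMPLE_SERVER_CERT = b"constructed stand-in: self-signed cert generated on the server"
SAMPLE_OTHER_CERT = b"constructed stand-in: a different cert presented on the path"
SAMPLE_PIN = fingerprint(SAMPLE_SERVER_CERT)  # in practice, read this on the server itself

if __name__ == "__main__":
    for cert in (SAMPLE_SERVER_CERT, SAMPLE_OTHER_CERT):
        ok, seen = check_server("203.0.113.10", SAMPLE_PIN, fetch=lambda h, p, c=cert: c)
        print("match" if ok else "MISMATCH", seen)
```

The pinned value can be read on the server with `openssl x509 -noout -fingerprint -sha256 -in <certificate file>`, taking the part after the `=` sign.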
     
  17. NeoCHI

    NeoCHI Active Member

    So even though the url shows up with https://serverip with the https: part struck through, it still means it's going over an SSL connection?
     
  18. WSWD

    WSWD Well-Known Member

    You mean like this? ;)

    ssl.png



    The important part shows up if you click on the lock (I'm guessing you're using Chrome). Shows all the encryption information. The https is shown crossed out because the server certificate is not trusted, as I explained in previous posts. But yes, the connection is 100% secure, over an SSL connection.
     
  19. NeoCHI

    NeoCHI Active Member

    ahh ic, great thanks!
     
  20. WSWD

    WSWD Well-Known Member

    You're welcome!
     
