Yikes. 
I really think we should take a look at this file:
/usr/local/apache/conf/httpd.conf
Can you make a copy of it with a .txt extension and upload it here.
2 Likes
httpd.conf.txt (18.9 KB)
It's all autogenerated. Do you need the templates?
1 Like
These are the lines that you seek to modify...
Lines 350 - 352:
SSLCertificateFile
/var/cpanel/ssl/installed/certs/host_wordforge_net_bfec5_978dd_1647647999_e34c9886775a06601d4d98901470c2bd.crt
SSLCertificateKeyFile
/var/cpanel/ssl/installed/keys/bfec5_978dd_6955db0c95e6fed8f70d1e4c9e24366d.key
SSLCACertificateFile
/var/cpanel/ssl/installed/cabundles/cPanel_Inc__681917bfb43af6b642178607e0b36ccc_1747526399.cabundle
Lines 443 - 445:
SSLCertificateFile /var/cpanel/ssl/cpanel/mycpanel.pem
SSLCertificateKeyFile /var/cpanel/ssl/cpanel/mycpanel.pem
SSLCertificateChainFile
/var/cpanel/ssl/cpanel/mycpanel.pem
To properly modify those lines, you will need to modify the corresponding template files. Be sure to follow all of the instructions in:
/usr/local/apache/conf/httpd.conf
3 Likes
Apologies for the long delay in responding. I really appreciate the help so far.
Lines 350-352 seem to come from
[% IF supported.mod_alias -%]
[% IF vhost.hascgi && scriptalias == 1 -%]
ScriptAlias /cgi-bin/ [% vhost.documentroot %]/cgi-bin/
[% END -%]
[% END -%]
SSLEngine on
[% IF vhost.sslciphersuite.length %]SSLCipherSuite [% vhost.sslciphersuite %][% END %]
SSLCertificateFile [% vhost.sslcertificatefile %]
SSLCertificateKeyFile [% vhost.sslcertificatekeyfile %]
[% IF vhost.sslcacertificatefile -%]
SSLCACertificateFile [% vhost.sslcacertificatefile %]
[% END -%]
in /var/cpanel/templates/apache2/ssl_vhost.default. Not sure where the variables are getting set. Doesn't appear to be within this file.
Lines 443-445 come from
<IfModule mod_ssl.c>
SSLEngine on
SSLProxyEngine On
[% IF file_test('f', '/var/cpanel/ssl/cpanel/mycpanel.pem') -%]
SSLCertificateFile /var/cpanel/ssl/cpanel/mycpanel.pem
SSLCertificateKeyFile /var/cpanel/ssl/cpanel/mycpanel.pem
SSLCertificateChainFile /var/cpanel/ssl/cpanel/mycpanel.pem
[% ELSIF file_test('f', '/var/cpanel/ssl/cpanel/cpanel.pem') -%]
SSLCertificateFile /var/cpanel/ssl/cpanel/cpanel.pem
SSLCertificateKeyFile /var/cpanel/ssl/cpanel/cpanel.pem
SSLCertificateChainFile /var/cpanel/ssl/cpanel/cpanel.pem
[% ELSIF file_test('f', '/var/cpanel/ssl/cpanel/cpanel.crt') && file_test('f', '/var/cpanel/ssl/cpanel/cpanel.key') %]
SSLCertificateFile /var/cpanel/ssl/cpanel/cpanel.crt
SSLCertificateKeyFile /var/cpanel/ssl/cpanel/cpanel.key
[% IF file_test('f', '/var/cpanel/ssl/cpanel/cpanel.cab') %]
SSLCertificateChainFile /var/cpanel/ssl/cpanel/cpanel.cab
[% END %]
[% ELSE %]
# No service SSL installed for cPanel
[% END %]
</IfModule>
in /var/cpanel/templates/apache2/main.default. While I can replace mycpanel.pem or point it to a different file (and I think I do that by duplicating main.default as main.local), I think that one is actually working (host.wordforge.net's cert is valid, and doesn't come from Let's Encrypt; I think it's issued by cPanel via the WHM). I don't quite understand why that one needs editing.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.