- Removed dependency on random_bytes function that had been causing an error for tsoHost customers since version 1.3.0
11 Likes
If you're a tsoHost customer getting a 503 error when trying to run CertSage version 1.4.1, the error might be the result of an outdated "PHP handler" line in the .htaccess file in your webroot directory (probably public_html). Try commenting out that line by adding a # symbol at the beginning of the line then running CertSage again.
7 Likes
Hey there,
shell_exec is in the disabled_functions on my cPanel and so I had to replace it with popen:
$outputRes = popen("/bin/uapi SSL toggle_ssl_redirect_for_domains domains=$domain state=0 --output=json", 'r');
$output = '';
while (! feof($outputRes))
{
$output .= fread($outputRes, 8192);
}
pclose($outputRes);
Also, it turns out that I don't have the right ssl module installed in my cPanel for this to work, but the script does no Validation and so tries to enable the redirection. So I've added this after the first function call:
if (strpos($output, 'You do not have the feature “sslinstall”') !== false)
throw new Exception('uapi "sslinstall" module missing');
2 Likes
What kind of hosting provider would disable shell_exec, but keep popen allowed? 
7 Likes
Probably the same kind of hosting provider that wouldn't offer automatic free integration to enable TLS themselves but would allow a PHP script to do that kind of installation. (That is, the need for CertSage at all is because hosting providers are being incompetent, if not malicious, in not just doing everything needed for their customers to be secure.)
9 Likes
Is it UAPI that's not installed or just the particular module? How far did you make it with getting your implementation working? I'm always curious about how CertSage fares in interesting environments. Seems you've found one even more restrictive than GoDaddy and tsoHost.
5 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.