Blue Flower

cPanel

This is the cPanel category.  It contains articles and subcategories related to cPanel, a hosting control panel.  Look below for articles and subcategories that get added over time.  If a big + sign shows on the right of a subcategory, then click on the + to toggle the listing of subcategories and/or articles.  Bookmark (add to Favorites) this page to come back easily and see what is new.

Steps to get 4th party SSL Certificate installed for cpanel client via non-root WHM.

Introduction.

This article is for using a non-root cpanel WHM (WebHost Manager) to generate a server self generated digital SSL certificate, it's CSR (Certificate Signing Request), and the RSA Private Key for your client's cpanel.  A cpanel client may be an internal customer, or an external customer, or other, but it does not matter.  This article applies to shared servers, cloud servers, dedicated servers, virtual server, reseller server, and any other server that has cpanel WHM deployed (running) on it.  It includes mistakes to avoid, and suggestions.

cPanel WHM SSL Cert, CSR, and Key Generation Form.

Please notice that this site is dependent on financial contributions (donations), and the ads on this website have very little financial contribution towards funding the creation of articles and website operation.


It took about 3 hours to create this article.

Steps.

 

  1. Login to the needed server WHM.

  2. Complete WHM CSR form:  Click on “Generate a SSL Certificate and Signing Request” on left menu.

    1. Contact Info.

      1. Email Address: Leave the checkbox Empty.  You will copy from display screen in later step.  This is the Email Address the CSR, the Key, and server self generated Cert will be sent to, and email is unsecure method of communication.  If used, then make sure it will be one of your email addresses.
    1. Private Key Options.

      1. Key Size: 2048 or 4096.
    1. Certificate Info.

      1. Email: Indicates the Email address client wants associated with the certificate.  Best if client or you create an email alias for client for this use.

      2. Domains: This is the Host Domain Name (Host) to make cert for.  Enter the Domain Name only, unless specifically for a Hostname (subdomain of Domain Name); either would be a FQDN.  Usually, this is the main domain of the cpanel.  A cert issuer like AstraGate Domain Services, or Starfield will make the certificate good for the domain with and without the www host name in front.

      3. City: Enter city shown on public whois for domain name.

      4. State: Enter fully spelled state name shown on public whois for domain name.

      5. Country: Enter 2 letter country code shown on public whois for domain name.

      6. Company Name: Simply put the domain name, unless client requests something different.

      7. Company Division:  Simply put the domain name, unless client requests something different.
    1. Shared Secret.

      1. Passphrase/Password. This can be left blank, but you can enter a newly generated password.  This is NOT secured.  “CSR passphrases are stored unencrypted in the CSR”. If password assigned, make a record of it.

 

  1. Generate CSR and Key: Click on Create.  The WHM form will generate a CSR (Certificate Signing Request), a server self-signed certificate, and a Key (RSA Private Key).  These three items will all be displayed immediately, and emailed to the email address indicated in the field of “Email Address the Cert will be sent to” if it’s checkbox was checked (default should be unchecked). 

  2. Copy all 3 items generated; CSR, Key, and Certificate.  Copy each into a separate Notepad (or other simple non-format adding editor) and save.  Make the Key file name end with a .key.

  3. Create a folder named New-SSL-Files within client’s cpanel home directory.

  4. Email the CSR to the cpanel client.  Make sure it is asked that the cert files be uploaded to the server via cpanel’s secure File Manager tool or secure SFTP into the folder named New-SSL-Files within the home directory of client’s cpanel file system.

  5. Wait for client to upload needed cert files to server: Wait for client to respond with the SSL Certificate (.crt, or .cer files) and the SSL CA Certificate (Trusted Authority / "CA Bundle") the client got from the SSL certificate issuer.

  6. Make a backup copy of client’s cert files (or download).

  7. Upload the WHM generated Key into the New-SSL-Files folder and add an extension name of .key.

  8. Have your system administrators (or yourself if you got root WHM access too) process the installation of the SSL certificate using the files within the New-SSL-Files folder.

  9. Once SSL install is completed, then check https works. 

  10. Inform client that SSL Cert Install is complete.

  11. Remove contents of the New-SSL-Files folder within client’s cpanel file system.

 

Note.

If the client wants to make use of the self-signed server generated SSL certificate instead of purchasing an SSL certificate, this can be done by simply using the certificated created by WHM in the above steps. Modern browsers will issue a warning, or flag, or completely block self generated SSL cert, even though valid, if the cert was not issued by a recognized CA (Certificate Authority).  An https based on a self generated SSL certificate will be just as secure as an https based on a CA SSL certificate.

 

Consider Contributing

  • Article Contribution:
    Consider submitting an article of your own to Tech Notes.  I will create a sub-category for your article if needed.  Guest articles are welcome!

  • Financial Contribution:
    If you found this article or any Tech Notes article useful, or beneficial in any form, and you'd like to make a financial contribution as a simple thanks (no fear, any small amount can be given), you can use the Paypal contribution button which is safe and does not require you to have a Paypal account to make a contribution to Tech Notes.

Feel Free To Leave A Good Comment,
And Donate. :)

Comment as a guest or site user. 
Polite comments please
Look around this site and it's menus, and you may find other useful articles. 
Add this site to your Bookmarks/Favorites for easy return for new articles. 

Mass Upload (Update/Replacement) Of Email Forwarder (Alias) Addresses In cPanel

When using cPanel, you have the ability to backup all of your email forwarders (aliases) addresses by going to the Backup icon, and scrolling down to Download Email Forwarders, and clicking on the domain name listed in the Forwarders column.

cPanel Backup icon----> cPanel Backup Forwarder Section

However, you will quickly realize using the Upload button, seen above, with a list in the the proper format does not replace or update the email forwarders.  So, how does one update the email forwarder all at once?

The following explains how to import multiple email forwarders at once in cPanel.  If you got a large number of email aliases/forwarders, this can be a huge time saver.

  1. Login to your cPanel (such as that provided by Web Hosting With $1).

    cPanel Web Login Prompt
     
  2. In the Mail section, click on Import Addresses/Forwarders.

    cPanel Forwarder Addresses Import
     
  3. Select Forwarders, and click on Browse.

    Import of Email Forwarders
     
  4. Select a .csv or excel file you have prepared ahead of time (An example line of such a file is given, but the details of the format of that file is not covered in this article; click on the "Need hlep setting up a CSV or Excell file for importing" to get assistance on this).   Once you have selected your file, then the page will update with new option to choose.  Select the appropriate delimiter (most likely space, or comma), and if you have not header labeling for each column, then uncheck the checkbox of "Treat first row as column headers".  Then push Next.

    Step 3 of Forwarder Import
     
    An Example of a space (or :space) delimited text file for import is:

    Source: Target
    This email address is being protected from spambots. You need JavaScript enabled to view it.: This email address is being protected from spambots. You need JavaScript enabled to view it.
    This email address is being protected from spambots. You need JavaScript enabled to view it.: This email address is being protected from spambots. You need JavaScript enabled to view it.

     
    An Example of a comma delimited (csv) text file for import is:

    Source,Target
    This email address is being protected from spambots. You need JavaScript enabled to view it.,This email address is being protected from spambots. You need JavaScript enabled to view it.
    This email address is being protected from spambots. You need JavaScript enabled to view it.,This email address is being protected from spambots. You need JavaScript enabled to view it.

     
  5. Now select which column will be the Source (receiving addresses) and which will be the Target (forwarded to addresses).  Typically, the first column is the Source and the second column is the Target.

    Source and Target selection for Forwarder Import
     
  6. If your import list is not a full email address, and just a list of username, then you should select from the Step 2 menu of that page to indicate what domain name the usernames are to be at in order to make a complete email address.  Normally you do not need to do this.  Next push Next.

    Select or skip Domain selection for forwder import.
     
  7. You get a chance to do a final review before submitting for upload of the forwarders.  If all looks correct, then click the Next button.

    Final Review of forwarder import list
     
  8. Once import is completed, the blue horizontal bar will cover 100%, and all the listed aliases (forwarders) will have green check marks next to them. You are done.  If you go to Forwarder icon in cPanel, you will see the newly imported forwarders listed.

    Forwarder imported completed.

 


Feel Free To Leave A Good Comment. :)

Look around this site and it's menus, and you may find other useful articles.