Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

forgot password?



Reply


Old
  Post #1 (permalink)   12-22-2016, 09:41 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 4,876
Send a message via MSN to easyhostmedia

Status: easyhostmedia is online now
To all hosts that sell SSL certificates and have cPanel servers.

When you upgrade your server to WHM version 6 then cpanel will place a shared cpanel DV SSL cert on all accounts on the server if you want them or not even if an account already has a paid SSL cert.

I noticed this yesterday when one of my clients ordered an SSL and they could not install it as the system was saying they already had a DV cert on their account.
I also noticed that cPanel had over ridden 2 clients paid SSL certs, so these had to be reinstalled.

Opened a ticket with cPanel as they told me that these are default with WHM 6 and if i wanted to remove them than i would have to do this myself manually as they dont have anything to mass remove the SSLs they installed without permission, although they told me i could place a request with their developers to create a feature to mass remove these.

i told them why should i when they added all the SSLs without permission, so they should have a method to remove them
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 


Old
  Post #2 (permalink)   12-22-2016, 10:35 AM
HD Newbie
 
Join Date: Dec 2016
Location: bogota
Posts: 24
Send a message via MSN to Colombiawebs Send a message via Skype™ to Colombiawebs

Status: Colombiawebs is offline
Quote:
Originally Posted by easyhostmedia View Post
To all hosts that sell SSL certificates and have cPanel servers.

When you upgrade your server to WHM version 6 then cpanel will place a shared cpanel DV SSL cert on all accounts on the server if you want them or not even if an account already has a paid SSL cert.

I noticed this yesterday when one of my clients ordered an SSL and they could not install it as the system was saying they already had a DV cert on their account.
I also noticed that cPanel had over ridden 2 clients paid SSL certs, so these had to be reinstalled.

Opened a ticket with cPanel as they told me that these are default with WHM 6 and if i wanted to remove them than i would have to do this myself manually as they dont have anything to mass remove the SSLs they installed without permission, although they told me i could place a request with their developers to create a feature to mass remove these.

i told them why should i when they added all the SSLs without permission, so they should have a method to remove them
good day

You can disable the ssl certificate of your sites by following the following path

Home »SSL / TLS» Manage AutoSSL

Disabled

Blessings
__________________
www.colombiawebs.com - Hosting Shared - Hosting Wordpress, Domains, Hosting Reseller - Cloud - Streaming Audio - Streaming Video - VPS - Servers - Web Design - Email Corporate. - 10 years of experience - Leaders in Latin America
 
 
 


Old
  Post #3 (permalink)   12-22-2016, 10:40 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 4,876
Send a message via MSN to easyhostmedia

Status: easyhostmedia is online now
Quote:
Originally Posted by Colombiawebs View Post
good day

You can disable the ssl certificate of your sites by following the following path

Home »SSL / TLS» Manage AutoSSL

Disabled

Blessings
yes, but when these have already been installed without permission that just stops future ones.

Had to spend 3 hours removing all these and correcting the ones they had over ridden.

This feature should be disabled by default and upto hosts to enable it and not the other way round.
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #4 (permalink)   12-22-2016, 11:39 AM
HD Newbie
 
Join Date: Dec 2016
Location: bogota
Posts: 24
Send a message via MSN to Colombiawebs Send a message via Skype™ to Colombiawebs

Status: Colombiawebs is offline
good day

You're right

SSL Certificates from cpanel are free, but do not certify the company they insure

They can be given free to their customers, if they wish

You can enable them individually

Blessings
__________________
www.colombiawebs.com - Hosting Shared - Hosting Wordpress, Domains, Hosting Reseller - Cloud - Streaming Audio - Streaming Video - VPS - Servers - Web Design - Email Corporate. - 10 years of experience - Leaders in Latin America
 
 
 


Old
  Post #5 (permalink)   12-22-2016, 11:55 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 4,876
Send a message via MSN to easyhostmedia

Status: easyhostmedia is online now
Quote:
Originally Posted by Colombiawebs View Post
good day

You're right

SSL Certificates from cpanel are free, but do not certify the company they insure

They can be given free to their customers, if they wish

You can enable them individually

Blessings
but the fact is when you upgrade to WHM6 cpanel will place a free SSL on ALL accounts on the server regardless if you want these added or not as it is the default setting.

yes you can disable this feature in Home »SSL / TLS» Manage AutoSSL, but this does not remove the ones already installed without permission. and cpanel have no feature in place to remove these, so you have to manually remove each one individually.
These are simple DV certs, but these would stop users purchasing DVs from you, so losing you revenue.
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #6 (permalink)   12-22-2016, 12:06 PM
HD Newbie
 
Join Date: Dec 2016
Location: bogota
Posts: 24
Send a message via MSN to Colombiawebs Send a message via Skype™ to Colombiawebs

Status: Colombiawebs is offline
Quote:
Originally Posted by easyhostmedia View Post
but the fact is when you upgrade to WHM6 cpanel will place a free SSL on ALL accounts on the server regardless if you want these added or not as it is the default setting.

yes you can disable this feature in Home »SSL / TLS» Manage AutoSSL, but this does not remove the ones already installed without permission. and cpanel have no feature in place to remove these, so you have to manually remove each one individually.
These are simple DV certs, but these would stop users purchasing DVs from you, so losing you revenue.
good day

Again you're right

Users are interested in seeing the padlock

Customers do not care if SSL is professional or Free

We must create a method, that these certificates for free, do not displace the SSL that we sell

Blessings
__________________
www.colombiawebs.com - Hosting Shared - Hosting Wordpress, Domains, Hosting Reseller - Cloud - Streaming Audio - Streaming Video - VPS - Servers - Web Design - Email Corporate. - 10 years of experience - Leaders in Latin America
 
 
 


Old
  Post #7 (permalink)   12-22-2016, 12:21 PM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 4,876
Send a message via MSN to easyhostmedia

Status: easyhostmedia is online now
Quote:
Originally Posted by Colombiawebs View Post

We must create a method, that these certificates for free, do not displace the SSL that we sell

Blessings
that is simple and all cPanel need to do is make the feature disabled as default, so that these are not added to accounts when you upgrade to whm6. then you as a host can market them as free or paid shared SSL certs can activate these for individual accounts
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #8 (permalink)   12-26-2016, 07:42 PM
HD Newbie
 
Join Date: Apr 2013
Posts: 25

Status: HostNIT is offline
Quote:
Originally Posted by easyhostmedia View Post
but the fact is when you upgrade to WHM6 cpanel will place a free SSL on ALL accounts on the server regardless if you want these added or not as it is the default setting.

yes you can disable this feature in Home »SSL / TLS» Manage AutoSSL, but this does not remove the ones already installed without permission. and cpanel have no feature in place to remove these, so you have to manually remove each one individually.
These are simple DV certs, but these would stop users purchasing DVs from you, so losing you revenue.
Good point. You mentioned addressing cPanel about it - did they offer any suggestion as to a permanent fix?
__________________
===================
Host NIT Inc
Powering cPanelhosting.com
Shared | Reseller | VPS | Dedicated
 
 
 


Old
  Post #9 (permalink)   12-27-2016, 05:31 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 4,876
Send a message via MSN to easyhostmedia

Status: easyhostmedia is online now
Quote:
Originally Posted by HostNIT View Post
Good point. You mentioned addressing cPanel about it - did they offer any suggestion as to a permanent fix?
this is all i get from cpanel

Quote:
Hello,

Thank you for getting back to us. Andrew already explained how to remove the certificates from the server. I've included that information below as well:

However, you can remove certificates in WHM -> SSL/TLS -> Manage SSL Hosts, and then remove the certificates from WHM -> SSL/TLS -> SSL Storage Manager.

There is nothing in cPanel that will do mass removal though. I apologize for the inconvenience.

I'd suggest opening a feature request to have our developers implement a tool to do mass removal of SSL certificates at https://features.cpanel.net. I can understand where you're coming from, but this isn't something that we have in the product as clients don't normally want to remove SSL certificates, especially in mass.
i esculated the ticket as i was getting nowhere and this is what i got from management.

Quote:
Hello,

Thank you for your patience, I've read over the ticket and got myself familiar with the issues you're having.

It's concerning that you weren't presented with the feature showcase option upon first login after upgrading to v60, and we've not been presented with issues where this didn't show up with other customers. Do you have other people who login via root who may have just accepted the default settings and moved on?

Since the damage you noted has already been done (the sites got free SSL certificates), the solution you are looking for is to delete them all - unfortunately this isn't something that is typically requested so it would be a feature request that would need to be made for implementation. The only currently provided method is to delete them from the UI individually. We do, however, offer an API call that you may take benefit in using here:

https://documentation.cpanel.net/dis...A%3Adelete_ssl

You could essentially create a for loop to traverse through domains and delete them.

--

I'd like to further comment that the certificates that got installed are DV certificates, which is typically the lower end SSL certificates - we've recently implemented the Market Provider, which allows you (the server owner/provider) to sell your SSL certificates through our interfaces. ( https://documentation.cpanel.net/dis...ovider+Manager ) You can choose to resell our certificates, or create your own plugin for the manager to have it go through your own provider.

The cPanel DV Certificates are only installed on domains that have no SSL certificate, it previously replaced signed ssl certificates if they were set to expire within 3 days, but this got changed (and may have been changed after you updated) as per: https://documentation.cpanel.net/dis...catesbydefault
so in otherwords

TOUGH we will do what we like
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #10 (permalink)   01-09-2017, 01:29 AM
HD Master
 
whmcsguru's Avatar
 
Join Date: May 2016
Posts: 281
Send a message via Skype™ to whmcsguru

Status: whmcsguru is offline
A few things here:

Firstly, cPanel doesn't force you to use their software. They don't force you to use AutoSSL either. You're more than welcome to turn it off once you upgrade.

Secondly, by default, cPanel will not overwrite certificates, unless they are expired. Not sure about expired ones, even.

This has been an issue since long before they released autossl. They tried this with service certificates, and got a ton of feedback there as well. I wouldn't say they are a 'law unto themselves', but they do seem to want their name out there quite a bit.
__________________
WHMCS Guru - WHMCS addons, management, support and more.
WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to your WHMCS install!
WHMCS User and IP Extended Control - Take control of your WHMCS install
Linux admin, WHMCS Guru for hire. PM me for more information
 
 
 


Old
  Post #11 (permalink)   01-09-2017, 07:02 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 4,876
Send a message via MSN to easyhostmedia

Status: easyhostmedia is online now
Quote:
Originally Posted by whmcsguru View Post
A few things here:

Firstly, cPanel doesn't force you to use their software. They don't force you to use AutoSSL either. You're more than welcome to turn it off once you upgrade.
yes they do as when you upgrade to WHM version 60 they automatically placed DV SSL to every account on both my servers.
This is forcing this service onto me.
so they place a free DV cert onto a clients account, so is that client going to purchase an SSL from you NO, so you lose revenue due to this action by cpanel.

Quote:
Originally Posted by whmcsguru View Post
Secondly, by default, cPanel will not overwrite certificates, unless they are expired. Not sure about expired ones, even.
I am afraid the autoSSL system did override 2 paid SSL certs that were still active and not expired.
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #12 (permalink)   01-09-2017, 09:28 AM
HD Community Advisor
 
SenseiSteve's Avatar
 
Join Date: Mar 2009
Location: Saint Louis
Posts: 4,918
Send a message via MSN to SenseiSteve

Status: SenseiSteve is offline
cPanel certainly isn't perfect, but I still prefer it over other options.
__________________
ProlimeHost- Dedicated Server Hosting & KVM SSD VPS
Three Datacenter Locations: Los Angeles, Denver & Singapore
SuperMicro Hardware | Multiple Bandwidth Providers | 24/7 On Site Engineers
 
 
 


Old
  Post #13 (permalink)   01-09-2017, 10:38 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 4,876
Send a message via MSN to easyhostmedia

Status: easyhostmedia is online now
Quote:
Originally Posted by SenseiSteve View Post
cPanel certainly isn't perfect, but I still prefer it over other options.
yes, but what i objected too is them deciding every account should have a cpanel SSL and then install these without permission, which would lose me revenue.

It took me 3 hrs to remove all these manually and then disable autoSSL, but even after disabling it they went ahead and installed all the SSLs again.

now when i reported this they have thought the best action is to ignore me
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #14 (permalink)   01-10-2017, 01:06 AM
HD Guru
 
Join Date: Jan 2013
Posts: 756
Send a message via AIM to cheapdedicated Send a message via Yahoo to cheapdedicated Send a message via Skype™ to cheapdedicated

Status: cheapdedicated is offline
Its a good move by cPanel to offer some free security the only problem is them not asking you before hand if you want it installed or not so that you treat it case by case
__________________
Techsys Ltd | Dedicated Servers | V.P.S | Free Plesk Panel
G8 Servers cPanel Reseller VPS Reseller Dedicated Server Resellers

G8 Host Cheap Domains | Shared Hosting | SSL
 
 
 


Old
  Post #15 (permalink)   01-10-2017, 03:56 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 4,876
Send a message via MSN to easyhostmedia

Status: easyhostmedia is online now
Quote:
Originally Posted by cheapdedicated View Post
Its a good move by cPanel to offer some free security the only problem is them not asking you before hand if you want it installed or not so that you treat it case by case
yes that is my point, any security is good, but it is the way they have gone about it and the way they caused the problem, but are not willing to fix it.

I would rather have it disabled as default, so you as a host can activate it if you want, but then when you activate it, the system will place an SSL on all accounts, so a host loses the revenue of shared SSLs.

i would rather have it so you can enable it and then decide which accounts get an SSL cert.

this way some clients may purchase an SSL cert from you as 9/10 clients that purchase as SSL will purchase a comodo positive ssl or rapidssl, but why would they need to purchase 1 when cpanel have decided to give them one free
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 
Reply
Previous Thread Next Thread


Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: