keep getting xx-xx-xx-xx.cprapid.com in my SSL certificates under my hostname in Ubuntu cpanel setup
I setup dev cpanel account with Ubuntu cPanel 102.2
I added my ns1 ns2 and IP address
I changed hostname to server2.mydomain.tld
I performed a dns cleanup
restarted DNS
restarted named via ssh
soft reboot of server
went to terminal and ran
then got a few errors and it kept saying its using my ip and cprapid.com under host certificates I see this below?
why does it keep adding xx-xx-xx-xx.cprapid.com and my hostname? when i go to my server2.mydomain.tld:2087 it works but when it's getting the certificate it keeps adding cprapid as well not just my hostname? everything else in cpanel under dns is showing ok and only ns1 ns1 .mydomain.tld are showing in nameservers list host name is showing correctly Just don;t know how I can get rid of the xx-xx-xx-xx.cprapid.com any Idea where I can go to remove and get rid of the cprapid.com and then rerun
to only have SSL cert for my hostname when I view the certificate in Firefox under Subject alt Names DNS Name server2,mydomain.tld DNS Name xx-xx-xx-xx.cprapid.com and the www, and the mail. am I missing something or something changed. my other dev that is AlmaLinux and cPanel 100 worked perfect no cprapid in certificate? Thank you Kind Regards Spiro
/usr/local/cpanel/bin/checkallsslcertsthen got a few errors and it kept saying its using my ip and cprapid.com under host certificates I see this below?
server2.mydomain.tld, xx-xx-xx-xx.cprapid.com, cpanel.server2.mydomain.tld, cpcalendars.mydomain.tld, cpcontacts.server2.mydomain.tld, mail.xx-xx-xx-xx.cprapid.com, mail.server2.mydomain.tld, webmail.server2.mydomain.tld, whm.server2.mydomain.tld, www.xx-xx-xx-xx.cprapid.com, and www.server2.mydomain.tldwhy does it keep adding xx-xx-xx-xx.cprapid.com and my hostname? when i go to my server2.mydomain.tld:2087 it works but when it's getting the certificate it keeps adding cprapid as well not just my hostname? everything else in cpanel under dns is showing ok and only ns1 ns1 .mydomain.tld are showing in nameservers list host name is showing correctly Just don;t know how I can get rid of the xx-xx-xx-xx.cprapid.com any Idea where I can go to remove and get rid of the cprapid.com and then rerun
/usr/local/cpanel/bin/checkallsslcertsto only have SSL cert for my hostname when I view the certificate in Firefox under Subject alt Names DNS Name server2,mydomain.tld DNS Name xx-xx-xx-xx.cprapid.com and the www, and the mail. am I missing something or something changed. my other dev that is AlmaLinux and cPanel 100 worked perfect no cprapid in certificate? Thank you Kind Regards Spiro
-
If you look in /etc/hosts you might see xx-xx-xx-xx.cprapid.com there. You can just remove that. 0 -
Did you use the WHM >> Change Hostname function? While I agree with @quietFinn as that is the most likely place, if a WHM function was used it should be cleaning up the old hostname properly. 0 -
Did you use the WHM >> Change Hostname function? While I agree with @quietFinn as that is the most likely place, if a WHM function was used it should be cleaning up the old hostname properly.
Hello I Used the WHM >> Change Hostname Function.If you look in /etc/hosts you might see xx-xx-xx-xx.cprapid.com there. You can just remove that.
you were correct I just removed it from there restarted named and rebooted server just to make sure. now waiting to boot and try again crossing my fingers :) Kind Regards, Spiro0 -
Did you use the WHM >> Change Hostname function? While I agree with @quietFinn as that is the most likely place, if a WHM function was used it should be cleaning up the old hostname properly.
yes I changed from WHM>> Hostname Function Thanks for your reply - for some reason its not removing it from /etc/hosts Kind Regards, Spiro0 -
@quietFinn @cPRex 127.0.0.1 localhost 127.0.1.1 localhost # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters xx.xx.xx.xx server2.mydomain.tld server2 xx-xx-xx-xx.cprapid.com xx-xx-xx-xx
I removed the lineserver2 xx-xx-xx-xx.cprapid.com xx-xx-xx-xx
and now it looks like this ( DOES THIS LOOK CORRECT) or should my IP be at the end as well ?127.0.0.1 localhost 127.0.1.1 localhost # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters xx.xx.xx.xx server2.mydomain.tld
thanks for your help Spiro0 -
I did some research into this and cPanel does keep a record of the old hostnames, both in the /etc/hosts file and in the /var/cpanel/hostname_history.json file. The hostname certificates do get issued for old hostnames as well, just in case there is anything still referencing it. This has caused an issue in the past (COBRA-13308 - not able to switch from self-signed to DC certificates) but at this time I wouldn't expect it to cause problems - the other hostnames are added to the certificate "just in case" Other than the cosmetic oddity of them showing up, are you seeing this causing problems with the SSL system? 0 -
I think it should be: xx.xx.xx.xx server2.mydomain.tld server2 0 -
I did some research into this and cPanel does keep a record of the old hostnames, both in the /etc/hosts file and in the /var/cpanel/hostname_history.json file. The hostname certificates do get issued for old hostnames as well, just in case there is anything still referencing it. This has caused an issue in the past (COBRA-13308 - not able to switch from self-signed to DC certificates) but at this time I wouldn't expect it to cause problems - the other hostnames are added to the certificate "just in case" Other than the cosmetic oddity of them showing up, are you seeing this causing problems with the SSL system?
nothing that i can see it did add my hostname to SSL Cert and seemed to work. just thought it would look non professional for a business if someone looks at the certificate and sees another domain other than yours on the certificate. hostname. I guess. thanks for your help as always Spiro0 -
I think it should be: xx.xx.xx.xx server2.mydomain.tld server2
@quietFinn I did what you said, and now I tried got a couple errors about cpanel not available to give certs.. tried again now and it did it, @cPRex but added the xx-xx-xx-xx-cpraid.com address again even though I removed it.. on my other dev setup with AlmaLinux and cPanel 100 it does not add the xx-xx-xx-xx-cpraid.com why would you still be forced to use this BS hostname - on Ubuntu cPanel 102 ? [EDIT] why AlmaLinux and cPanel does not ? Answer Verified/var/cpanel/hostname_history.json is non existent in my production server AlmaLinux and cPanel 100.0.9
is it the version Ubuntu and cPanel102 ? or just cPanel 102? this is the file it keeps as @cPRex said /var/cpanel/hostname_history.json If we delete this, will it ruin the setup ? thanks Spiro0 -
@cPRex Now this is weird Just looking at /etc/hosts on my production server (it's a different IP) and server hostname. I see my Developers server IP with cpraid.com address which we are talking about in the above posts. why did it add the hostname cpraid from one server to production server ? - Is it because that is my production cPanel license? - ( but if so why the other developers lic with AlmaLinux and cPanel does not show up there?) that is weird it would edit my production server in /etc/hosts and add that IP ? how is this possible does seems a little fishy to me. Spiro 0 -
From what I can see, we rest /etc/hosts to match data in /var/cpanel/hostname_history.json. SSLs always get issued with multiple SAN names - that's how the AutoSSL system issues certificates for multiple domain names under one vhost. 0 -
From what I can see, we rest /etc/hosts to match data in /var/cpanel/hostname_history.json. SSLs always get issued with multiple SAN names - that's how the AutoSSL system issues certificates for multiple domain names under one vhost.
@cPRex Ok. I figured out how I got the Ubuntu server ip cpraid.com on my production server. I must be getting old. When installing new server AlmaLinux I used 1235ip Temporarily for install new server and cPanel Transfer from 1234ip cPanel all accounts Closed my centos7 machine and changed ips to my old server. So it stayed in /etc/hosts. So I will just remove it. 100 version AlmaLinux does not have the old json file that 102 has.0 -
If you haven't made any hostname changes, I wouldn't expect that json file to exist. 0 -
Ok thanks again for always helping. 0 -
Anytime! 0 -
Just found this on cPanel support shows you how to set .json file to a bak and then When running the cPanel AutoSSL check, /usr/local/cpanel/bin/checkallsslcerts it does not show this xx.xx.xx.xx.cpraid.com any longer. Workaround Move or remove the following file and rerun the AutoSSL service. mv /var/cpanel/hostname_history.json /root/hostname_history.json.backup
/usr/local/cpanel/bin/checkallsslcerts
0 -
Stale hostname CSRs causes the cPanel store to fail creating an SSL order Workaround Symptoms When a stale hostname CSR is detected, the checkallsslcerts script is unable to create an order for a new hostname SSL. Description When a stale hostname CSR is detected, the system is unable to get an SSL for the hostname and fails with the following message: The system failed to acquire a signed certificate from the cPanel Store because of the following error: The system failed to acquire a signed certificate from the cPanel Store. at bin/checkallsslcerts.pl line 607.
We've opened an internal case for our development team to investigate this further. For reference, the case number is CPANEL-38478. Follow this article to receive an email notification when a solution is published in the product. I also read this that helped me on one server. At this moment in time, moving the hostname CSR out of the way allows for the script to complete and put in an order for a new hostname SSL.mv /var/cpanel/hostname_cert_csrs{,.cpbkp} -v
then ran this/usr/local/cpanel/bin/checkallsslcerts0
Please sign in to leave a comment.
Comments
17 comments