DNSOnly: cpsrvd is not listening on port 80
How do I make cpsrvd listen on port 80 when Tweak Settings is not available in WHM on DNSOnly?
Having trouble renewing the hostname SSL cert.
Thanks!
/R
-
How do I make cpsrvd listen on port 80 when Tweak Settings is not available in WHM on DNSOnly? Having trouble renewing the hostname SSL cert. Thanks! /R
It should be listening on 80 by default. Maybe you have port 80 firewalled / access blocked in hosts.allow/hosts.deny (older OS) ? What is your result when you execute this: netstat -plan|grep cpsrvd|grep -v LISTENING What exactly happens when you try to renew the cert? Keep in mind that the cPanel cert on DNSOnly boxes will only end up renewing if it's a couple days from expiry. You'll get a notice 30 days in advance (I think), but usually cannot renew the cert until a couple of days before expiry because cPanel won't process it before then.0 -
It's CentOS v7.9.2009 with cPanel 110.0.5. # netstat -plan|grep cpsrvd|grep -v LISTENING tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN 1902/cpsrvd (SSL) - tcp 0 0 0.0.0.0:2086 0.0.0.0:* LISTEN 1902/cpsrvd (SSL) - # /usr/local/cpanel/bin/checkallsslcerts The system will check for the certificate for the "cpanel" service. The system will attempt to replace the self-signed certificate for the "cpanel" service with a signed certificate from the cPanel Store. The system will attempt to install a certificate for the "cpanel" service from the system ssl storage. None of the certificates in the system ssl storage were acceptable to use for the "cpanel" service. The system will attempt to install a certificate for the "cpanel" service from the cPanel store. Setting up HTTP DCV (/usr/local/apache/htdocs/.well-known/pki-validation/AC850BAE49D76F2B956547863F5CCA88.txt) " " complete. Setting up DNS DCV for "[hostname redacted]" " " complete. Attempting DNS DCV preflight checks " [hostname redacted]: DNS DCV preflight check failed; falling back to HTTP " [hostname redacted]: Attempting HTTP DCV preflight check " The system failed to fetch the DCV (Domain Control Validation) file at "http://[hostname redacted]/.well-known/pki-validation/AC850BAE49D76F2B956547863F5CCA88.txt" because of an error: The system failed to send an HTTP (Hypertext Transfer Protocol) "GET" request to "http://[hostname redacted]/.well-known/pki-validation/AC850BAE49D76F2B956547863F5CCA88.txt" because of an error: Could not connect to '[hostname redacted]:80': Connection refused. Undoing HTTP DCV setup " " complete. Undoing DNS DCV setup " " complete. [WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: All HTTP and DNS DCV preflight checks failed! The system will check for the certificate for the "exim" service. The system will attempt to replace the self-signed certificate for the "exim" service with a signed certificate from the cPanel Store. The system will attempt to install a certificate for the "exim" service from the system ssl storage. None of the certificates in the system ssl storage were acceptable to use for the "exim" service. /R 0 -
Are you able to visit the hostname of the machine in a browser over port 80? 0 -
Are you able to visit the hostname of the machine in a browser over port 80?
I am not. /R0 -
If you restart cpsrvd, does that get the service to listen on port 80? If not, it might be best to create a ticket so we can take a look at the system. 0 -
# /usr/local/cpanel/scripts/restartsrv_cpsrvd Waiting for "cpsrvd" to restart gracefully ""waiting for "cpsrvd" to initialize "finished. Service Status cpanel (/usr/local/cpanel/cpsrvd --llu=1683705675 --listen=10,11,12,7,8,9 --start --systemd) is running as root with PID 1910 (systemd+/proc check method). Startup Log May 10 08:17:45 reggie systemd[1]: Starting cPanel services... May 10 08:17:53 reggie restartsrv_cpsrvd[1910]: ==> cpsrvd 11.110.0.5 started May 10 08:17:53 reggie restartsrv_cpsrvd[1910]: ==> cpsrvd: loading security policy....Done May 10 08:17:53 reggie restartsrv_cpsrvd[1910]: ==> cpsrvd: Setting up SSL support ... Done May 10 08:17:53 reggie restartsrv_cpsrvd[1910]: ==> cpsrvd: setting up serviceauth May 10 08:17:54 reggie restartsrv_cpsrvd[1910]: ==> cpsrvd: bound to ports May 10 08:17:54 reggie systemd[1]: Started cPanel services. May 10 08:17:56 reggie restartsrv_cpsrvd[1910]: License is valid and has already updated recently. cpsrvd restarted successfully. # netstat -plan|grep cpsrvd|grep -v LISTENING tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN 1910/cpsrvd (SSL) - tcp 0 0 0.0.0.0:2086 0.0.0.0:* LISTEN 1910/cpsrvd (SSL) - Similar result on its sibling. /R 0 -
At this point it would be best to create a ticket with our team, since this is one of those things that should just work out of the box. 0 -
Just to follow up, the solution was to use whmapi: whmapi1 set_tweaksetting key='disable_cphttpd' value=0 Enable listening on ipv6: whmapi1 set_tweaksetting key='ipv6_listen' value=1 Finally, restart cpsrvd: /usr/local/cpanel/scripts/restartsrv_cpsrvd /R 0
Please sign in to leave a comment.
Comments
8 comments