Skip to main content

cPanel Location of SSL Folders

vatra
What is the purpose and content of these folders:
  • [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/apache_tls (SSLs for domains).
  • [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/domain_tls (???).
  • [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/system (SSLs for the cPanel service).
  • [COLOR=rgb(65, 168, 95)]/home/user/ssl (SSLs for domains - are these copies of files from [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/apache_tls).
cPanel interfaces that manage the content of these folders:
  • [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/apache_tls (WHM > SSL/TLS > SSL Storage Manager > Apache"s Installed SSL Resources - it only lists the SSLs).
  • [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/domain_tls (???).
  • [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/system (WHM > SSL/TLS > SSL Storage Manager > User Account SSL Resources).
  • [COLOR=rgb(65, 168, 95)]/home/user/ssl (???).
Scripts that rebuild cPanel databases after manually adding/deleting the content of these folders.
  • [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/apache_tls (run: /scripts/rebuildinstalledssldb).
  • [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/domain_tls (run: ???).
  • [COLOR=rgb(41, 105, 176)]/var/cpanel/ssl[COLOR=rgb(184, 49, 47)]/system (run: ???).
  • [COLOR=rgb(65, 168, 95)]/home/user/ssl (run: /scripts/rebuilduserssldb user).

Comments

5 comments

Date Votes
  • vatra
    C'mon guys, can someone please help with this? I'm in a hurry and I've got a lot of questions regarding how the cPanel system handles certificate files. When a user adds/installs an SSL it is uploaded in the /home/user/ssl and /var/cpanel/ssl/apache_tls, right? But what's the domain_tls for? When I manually arrange files how can I make sure changes are picked up by the cPanel?
    0
  • cPRex Jurassic Moderator
    Hey hey! /var/cpanel/ssl/domain_tls are the same files as /var/cpanel/ssl/domain_tls, but broken down for each specific domain and subdomain on the server. These are used for various mail services, as the ownership of the "combined" file inside the directory is root:mail. The data in /home/user/ssl/ just makes the certificate data available to the user through the cPanel >> SSL/TLS Status page.
    When I manually arrange files how can I make sure changes are picked up by the cPanel?

    It really depends on what you're trying to do. In general, I wouldn't expect any manual manipulation of the SSL files to be necessary.
    0
  • vatra
    Hey hey :) I test various things at the moment with certificates and I have lots of domains so it's way easier to manually delete files and update DBs with scripts than to do each separately through the WHM/cPanel interfaces. For example, I switched from AutoSSL to Cloudflare certs so I deleted all the files in apache_tls and /home/user/ssl and ran the mentioned scripts to rebuild their DBs but domain_tls was left full with certs. That is why I'm asking how to properly handle manual management. Can you suggest a procedure? Also, the same question stands for system service certs.
    0
  • cPRex Jurassic Moderator
    I'm not able to recommend a manual way to handle all of these files as the system just isn't designed to do that. Even though it may only be one file that is changed, you may have to update cPanel userdata, Apache configuration, clear caches, reset user interface caches - it's a lot. And since that isn't work that we intend to happen manually, there isn't a guide available I can share.
    0
  • vatra
    I understand. Well, since I started this I might as well finish it. I deleted certs from /var/cpanel/ssl/apache_tls and ran the /scripts/rebuildinstalledssldb which updated the .index.sqlite DB of that folder. Running this script also updated the WHM and cPanel SSL interfaces. When I inspected the .index.sqlite through a text editor, I could see present and deleted cert entries, but the SQLite editor shows only the present ones. Why is that? I deleted certs from /var/cpanel/ssl/domain_tls which are copies of the previously mentioned. I deleted certs from /home/user/ssl and ran the /scripts/rebuilduserssldb user which updated the ssl.db of that folder and automatically created a backup which I also deleted. Everything looks fine. One thing I would like to mention though is that always install certs from the WHM or cPanel interface.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post