Skip to main content

A domain on our server is loading the SSL cert of another unrelated domain

Comments

12 comments

  • cPRex Jurassic Moderator

    Hey there!  I'm not sure if the Forums will be a good candidate to help with this type of issue, since we have to work in hypotheticals and can't share the domain/user/IP address here.

    The most likely explanation in a case like this is odd DNS behavior.  I'd recommend trying to run this command from another server or your local workstation, if possible, to ensure that domain is connecting to the correct host, as this will show the SSL connection and the IP address at the same time:

    curl -v https://domain.com

    Just replace "domain.com" with the domain you're working with to run the command.

    If you don't find much with that, it would be best to create a ticket so this can be investigated.

    0
  • PPNSteve

    I just tried it and curl reported:

    curl : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
    At line:1 char:1
    + curl -v https://www.[domain].com

    So something in the configuration cPanel did is messed up for this domain. Can't open a ticket as it forces me to use the datacenter's support and they don't want to really help with this, so any other ideas or suggestions?

     

    0
  • cPRex Jurassic Moderator

    You can always purchase your cPanel license directly from us and then you would be eligible for our support.  Otherwise you'll likely want to work with a third-party to get the issue resolved as we'll need server access to fix this one.

    0
  • PPNSteve

    You guys have worked tickets on my server's before..  not sure why it won't let me create a new one now.. 

     

    Thanks for your reply cPRex.. Rawr!

    one day this might get fixed.. one day.

    0
  • cPRex Jurassic Moderator

    We updated our support guidelines in December so only direct license holders can contact cPanel support.  If the license is purchased elsewhere, that provider should be your first contact for support issues, and then they can escalate the problem to us if necessary.

    0
  • PPNSteve

    They don't seem to think it's a cPanel problem.. It happened after moving the site to a new server with the same IP as it had before.. it's the only site in the move that is having an issue like this and I'm 110% stumped as to what to do next.

    0
  • PPNSteve

    Just a couple screenshots showing what' we are seeing. (there are times when it shows the default 404 page too)

    connecting to http (unsecured) we get:

    connecting to https (SSL secured) this happens:

    same for subdomains set up on this domain with one exception; www.subdomain1.domain.com loads it's site (we've never used www. on a subdomain before)

    Pretty weird, right?

    0
  • cPRex Jurassic Moderator

    Thanks for sharing those. The "Sorry" page is most often caused by a mismatch between the IP address configured in DNS and the IP address configured in the Apache vhost for the domain.  Does that seem to be the case with this account?

    0
  • PPNSteve

    No, I've checked both the DNS zone and apache.conf and the IP's match as far as I can tell. Not sure what's happening here at all

    <VirtualHost 66.xxx.xxx.89:80>
      ServerName [domain].com
        ServerAlias ipv6.[domain].net ipv6.[domain].org mail.[domain].com mail.[domain].net mail.[domain].org [domain].net [domain].org www.[domain].com www.[domain]$.. etc
      DocumentRoot /home/[username]/public_html
      ServerAdmin webmaster@[domain].com
      UseCanonicalName Off

      ## User [username] # Needed for Cpanel::ApacheConf
      <IfModule userdir_module>
        <IfModule !mpm_itk.c>
          <IfModule !ruid2_module>
            <IfModule !mod_passenger.c>
              UserDir disabled
              UserDir enabled [username]
            </IfModule>
          </IfModule>
        </IfModule>
      </IfModule>

      # Enable backwards compatible Server Side Include expression parser for Apache versions >= 2.4.
      # To selectively use the newer Apache 2.4 expression parser, disable SSILegacyExprParser in
      # the user's .htaccess file.  For more information, please read:
      #    http://httpd.apache.org/docs/2.4/mod/mod_include.html#ssilegacyexprparser
      <IfModule include_module>
        <Directory "/home/[username]/public_html">
          SSILegacyExprParser On
        </Directory>
      </IfModule>

    and so on..  same for ssl :443

    would packaging up the account, deleting account in WHM, then restoring it from the packaged tar.gz  possibly work, or?? I'm out of ideas here..

     

    0
  • cPRex Jurassic Moderator

    No, I don't think deleting the account would change anything.  It's definitely time to create a ticket with your host.

    0
  • PPNSteve

    Ok, desperate attempt; I tried removing it's assigned IPv6 IP and apparently that worked (for us on IPv6 enabled ISPs).. so somehow one of our IPV6 IP's point to or is routing to some random website..

    other IPs in the immediate range , i.e. ::1, ::2, etc all work correctly.. 

    The website seems accessible now and I'm not getting reports any longer..  so we'll monitor and go from there.

     

    thanks for all the answers and your time cPRex 🐱‍🐉Rawwr!!

    This whole thing is weird beyond anything I've seen before.

    0
  • cPRex Jurassic Moderator

    Well that's certainly interesting and not something I would have come up with by guessing over the Forums, but glad you figured that out!

    0

Please sign in to leave a comment.