Security Warning

GVP · **Security Warning -** 12-15-2006, 01:22 AM

Hello,

When trying to access CPanel, we are seeing the Security Warning popup which is reporting the security certificate belongs to "southbend60.pgzn.com". Although you can proceed thru this, it is disconcerting especially for some of my reseller clients.

What does it mean and is it fixable?

GVP.

12-15-2006, 01:31 AM

This is because the server is using the certificate on the new IP. They're bound to an IP, and they are our certificates, and the SSL is secure, but the warning pops up nevertheless because they're on the new IPs instead of the ones they were made on.

Yes it's fixable, and I understand it's distressing when you don't know why it's happening, but it's cosmetic. So in other words it will be down the list of things we do to set the servers up, because it's kind of a nuisance to fix and aside from the appearance, it has no real security issue involved.

allendick · 12-15-2006, 07:36 AM

I've been encountering these warnings with P-Z servers ever since I started using the secure POP on port 995, rather than the insecure port 25, and the secure WHM and secure cPanel URLs (https). I decided to do so a while back, when it became increasingly apparent that we all need to step up our security measures significantly, and especially since I'm often wireless and working from lots of different places--not that wired connections are all that secure from snooping along the route.

I had enquired here in the forum, and seem to recall that I was told that I could accept or install the certificate and eliminate the warnings. I tried that on MSIE and Firefox and Opera, and have not been successful. I haven't figured out how to do it on Outlook Express. FWIW, I also tried changing the URLs to contain southbend-134.pgzn.com, rather than the 8.9.24.134, but that was not successful in accessing the servers.

Can anyone explain how to get rid of these warnings? I realise that they are not as big an issue as the disruptions which have been happening recently and are maybe not at the top of the priority pile, but they are a real annoyance, and don't make us look (or feel) good. Moreover, I notice that another inexpensive WPP using WHM and cPanel seem to have this managed so that these sorts of messages are not appearing, so it must be reasonably doable.

I don't know enough about this topic to be able to find a workaround, but am hoping someone here does, and can explain how to make these warnings go away for good by providing URLs that don't trigger warnings, or step-by-step instructions on how to reassure our software so that it does not constantly warn us that our sites are dangerous.

In the short term, this has been bearable, but in the long term, it is an annoyance, and a detriment to maintaining confidence in our business.

edwurster · 12-15-2006, 06:45 PM

Quote:

Originally Posted by allendick

In the short term, this has been bearable, but in the long term, it is an annoyance, and a detriment to maintaining confidence in our business.

I agree with you. It is something that should not happen.

No matter how many times and ways I try to tell Firefox to accept the certificate permanently, it always returns.