cPanel Single Sign on always uses IP address

[taterkakes]

Since the update any of the cPanel login links are using the IP address only, which combined with SSL is causing certificate errors to show up, doesn't look very good. On the last 5 version it used the server hostname without any problem. I've been unable to find any template direction on where this is defined to see if I could remedy it.

 

Is anyone else having this problem?

[taterkakes]

I have since found that each time I attempt to use the links for single sign on the following entry is placed in the activity log:

 

"Single Sign-On Request Failed with a Fatal Error:"

 

It does still redirect to cPanel and appears to sign in with the correct user, but it does only do so using the IP address.

[Tom-S]

I'm also having the exact same issue. I've put in a ticket, I'll let you guys know the response. This is definitely an issue with 6.0, I'm waiting for them to look at the issue on my server before I role-back. Luckily I'm really new to reselling and don't have any clients yet. I'm still in a learning stage. But at least this gives me a better idea that the problem doesn't lie with me.

[D2NV]

Make that three of us. I'm about to go live with my new hosting business and I decided to upgrade to V6. The new Six template looks great but the single sign on does not work as you have described. I've noticed also that the Quick Shortcut icons don't take you to the relevant cPanel pages on the site. They default to the main cPanel page once I get past the certificate warning (because I'm using an IP address and not the URL). I look forward to the results from your support ticket Tom-S

[geistschatten]

My workaround to this was simply to copy the hostname into the IP Address field when you are in the Edit Server page of the admin area.

 

The error magically disappears and single-sign-on works.

 

I'm not saying that's the best or right method, but it worked and so I'm happy.

[taterkakes]

I may have to try that as well. It's quite frustrating right now though.

[Tom-S]

My workaround to this was simply to copy the hostname into the IP Address field when you are in the Edit Server page of the admin area.

 

The error magically disappears and single-sign-on works.

 

I'm not saying that's the best or right method, but it worked and so I'm happy.

 

I've tried this and it still forces SSL. I don't have an SSL for my domain yet but I can see this working a treat. Thanks for that.

It appears to be problem with WHMCS forcing SSL.

 

I put in a ticket and they replied with:

"Thank you for contacting WHMCS support! It appears that the remote WHM server itself is configured to force requests over SSL without a valid SSL certificate, and you would need to disable this on the server to resolve it. I believe the settings for this are under the Redirect tab on Tweak Settings, but your server admin or cPanel support can check and help with changing them as needed."

 

Both me and my reseller provider can confirm that this isn't the case. We have not set it to force SSL and the fact that it worked pre-6.0 shows it's a 6.0 problem... Annoying.

[rota919]

I can confirm it is an issue with ver 6.

All instances of any references to SSL is disabled in WHMCS and none of my servers redirect to SSL.

I do have an SSL cert on my site and thought that might be the problem but looking at your caese and the response you received from support convinced me it is not the case.

[rota919]

I've tried this and it still forces SSL. I don't have an SSL for my domain yet but I can see this working a treat. Thanks for that.

It appears to be problem with WHMCS forcing SSL.

 

I put in a ticket and they replied with:

"Thank you for contacting WHMCS support! It appears that the remote WHM server itself is configured to force requests over SSL without a valid SSL certificate, and you would need to disable this on the server to resolve it. I believe the settings for this are under the Redirect tab on Tweak Settings, but your server admin or cPanel support can check and help with changing them as needed."

 

Both me and my reseller provider can confirm that this isn't the case. We have not set it to force SSL and the fact that it worked pre-6.0 shows it's a 6.0 problem... Annoying.

 

WHMCS chose to not give us an option to make the API call over an unsecure connection.

Referring to the cPanel documentation example that is shown using https.

https://documentation.cpanel.net/display/SDK/Guide+to+API+Authentication#GuidetoAPIAuthentication-singlesignon

 

I tested the example as is and then calling the API over an unsecure connection and received exactly the same jason data without any errors.

 

I made the suggestion in the support ticket to give me an option to decide how I want to call the API. We already have that option when configuring the servers. Why not use the same when calling the API from the member side.

 

It is the same site/server/risk so nothing changes.

[usadomains]

My workaround to this was simply to copy the hostname into the IP Address field when you are in the Edit Server page of the admin area.

 

The error magically disappears and single-sign-on works.

 

 

We were having issues with the links in cpanel, redirecting to the wrong place in WHMCS, but changing the IP to the server hostname fixes the problem

[geistschatten]

@usadomains, Glad that fixed the problem for you

[IgorBeDust]

Hi , 
I have this issue now. 
And the Edit Server does not let me change the IP address for the hostname. I get " Invalide IP Address" error.

 

[Metrotechs]

This still seems to be an issue in 2022.... When a client clicks on "login to cpanel" from the WHMCS frontend, they are hit with an SSL error. 

[naijawebhost]

Facing the same issue here.