Protect using SSL

[bear]

This indicates that you've installed the SSL as the user "nobody" and are running SuPHP which is restricting Apache's ability to run PHP scripts as 'nobody' as you attempt to parse them over the SSL.

How does one install an SSL certificate as "nobody"? Generally it's done as a user on the system, be it root, reseller or end user, so that's confusing.

I've seen certs fail when they don't have the right chain, but never "nobody" ownership. Can you clear that up for me?

[Dean - ITDept.net]

An SSL certificate should only be installed on the nobody user if it is meant to be a shared certificate. Normally, an SSL certificate should be installed for the account user that owns the domain for which the certificate was generated.

 

Go to /var/cpanel/userdata/nobody to see if the cert is there by domain.com_SSL (domain.com being your domain's name) name. If it is, then move it to /var/cpanel/userdata/user (where user is the cPanel username of the right user). Open up the domain.com_SSL file and change the following in that file:

 

documentroot: /home/user/public_html

group: user

homedir: /home/user

user: user

 

Replacing user with the username for each one. Of note, these are not the only lines in the file, they are just the lines you need to change in that file.

 

If the account is a reseller and not owned by root, you will also need to change owner: root to owner: user.

 

Please also check the ip: field has the right IP listed.

 

After making all the changes, then run these commands to rebuild Apache with the new entries and get it restarted:

 

/scripts/rebuildhttpdconf

/etc/init.d/httpd restart