Control Web Panel

WebPanel => SSL => Topic started by: shobhit on August 22, 2019, 11:01:07 AM

Title: SSL certificate blocked by antivirus for Apache + NGINX + Varnish
Post by: shobhit on August 22, 2019, 11:01:07 AM
I am using CWPPRO with Apache + NGinx + Varnish installation. Earlier I used only Apache installation. With Apache only, I was able to loginto the Admin GUI and User Dashboard by managing SSL Exceptions when it was showed in the browser. I just had to click "I Understand the Risk and want to visit  URL" and login windows opened up.

Yesterday, I updated the Server to Apache + NGinx + Varnish and since then I am not able to cross the "Connection not protected" error message since the is no option available to pass it. I am using Kaspersky INternet Security on my machine. If I exit this antivirus on my machine, then I get the Manage Exceptions option in browser and I can reach login window. But my client is not convinced with this. He is a less technical guy and doesnot want to close the antivirus and doesnt belive that our server is secure.

I even deleted the existing SSL and reinstalled on his domain but the issue still persists. Kindly suggest some solution, its urgent.

Message I get in Browser:


Connection not protected
The security of your connection is reduced. Criminals can attempt to steal your data from the website. You are advised to leave this website.

URL:

myservername

Reason:

Self-signed certificate View certificate
Title: Re: SSL certificate blocked by antivirus for Apache + NGINX + Varnish
Post by: BBS on September 07, 2019, 10:21:48 AM
You find solution?
Title: Re: SSL certificate blocked by antivirus for Apache + NGINX + Varnish
Post by: shobhit on September 09, 2019, 10:01:02 AM
Yeah,
I started using hostname:2083 instead of userdomainname:2083 and things worked
Title: Re: SSL certificate blocked by antivirus for Apache + NGINX + Varnish
Post by: BiDouiLle on September 14, 2019, 09:09:42 AM
Hi,

You gave the answer
URL:
myservername

Reason:
Self-signed certificate View certificate

Best way to connect :
 - Use the declared hostname of your server (cwp)
 - If you don't have a A record in the DNS zone you can add it the client host file
 - Then you'll be able to connect to https://hostname.domaine.tld:2087
 - Most important to avoid the self-signed error, use a Let's Encrypt certificate, if your hostname and dns settings are right on your server it should be ok.

Regards.

Louis