Cyberpanel uses self-signed example.com SSL instead of Let's Encrypt hostname SSL

I successfully created a hostname SSL for panel.mydomain.com to use for accessing Cyberpanel, registered an A record for it (without using Cloudflare proxying), and restarted Litespeed. But when I access https://panel.mydomain.com, I get a browser security error, and when I inspect the certificate that the browser receives, it’s an invalid self-signed cert for www.example.com. I found this forum post, but it did not help.

Any advice? Thanks.

may i know your domain name ? i will try check the chain

If DNS is issued correctly and DNS is fully propagated then SSL issue will not have any issues.

Under Logs option inside Cyberpanel there will be an option named Cyberpanel main logs…click on it and find the SSL error there for your domain… you can use the same command from there which is related to issuing SSL (copy paste it) and execute that command in SSH by connecting to your Server using putty or any SSH tool.

I can’t find that log (the only options are Server Mail, Access Log, Error Logs, Email Log, FTP Logs and ModSec Audit Logs). But anyway, I connected to the server and checked that the cert was issued by looking in /etc/letsencrypt/live/ and yes, it’s there. When I check its details using openssl x509 -in cert.pem -text -noout, those details are correct. But the browser (Chrome) isn’t using it and won’t let me proceed to load the page when I try, instead it uses an example.com cert (I can proceed by typing “thisisunsafe” into the browser which tells Chrome to bypass cert validation).

What is the domain in question? I will check at my end how it pass through.

Will DM you, because I don’t want to put my Cyberpanel URL on the public web. Thanks!

I checked and its working perfectly fine for me with green padlock. You just have to clear your browser cache, cookies and rest options and then try again. Or else download some other browser and try to open the link there…

1 Like

if all green and the chain correct
then he only need to

  1. close browser
  2. change dns…try 1.1.1.1
  3. clear dns
    C:/> ipconfig /flushdns
  4. open private mode
  5. test re open the web

I don’t understand, because it’s still not working for me even after clearing cache and trying a different browser, and also trying on my phone with a different Internet connection, and I even tried using Tor browser. In all of these cases it still presenting a self-signed www.example.com certificate on the 8090 port used by Cyberpanel.

can you PM me the domain name ? i will recheck and compare with @die2mrw007

im not developer or official staff
i just community member.
so dont pm me if you think im staff or im a part of cyberpanel
but pm me the domain name if you trust me

Thankyou
i already check your domain
everything look good…
SSL is working
The chain is good
just like @die2mrw007 said

try this

  1. close your browser
    (include from task manager / background process)
  2. change your computer’s dns to 1.1.1.1
  3. open cmd *(better use administrator right)
  4. type c:> ipconfig /flushfdns
  5. wait 10second
  6. re open your browser with private mode

Many thanks. Well, I’ll just have to forget about this issue for now because I still can’t resolve it even after following your instructions, and there’s no point in wasting your time any more.

By the way, the DNS flush command on Mac is:

sudo dscacheutil -flushcache;sudo killall -HUP mDNSResponder

i never use mac
:frowning: cannot confirm it

im currious about this

i use many tools and some browser, and the result (all) is green…
it’s more like client side.

have you try change your mac’s DNS ?

Yes I tried changing it to both 1.1.1.1 and 8.8.8.8 and it didn’t help. And using two different browsers (Safari and Tor Browser - which doesn’t even use the local computer’s DNS settings), and on my phone, and on a Chromebook. So I am completely baffled about how it is working for both of you but not for me.

Your ISP must be forward *:53 to their dns server

try VPN (not browser vpn) like WARP (i dont know is warp available for mac or not)

Yes, even with a VPN I get the same result. I don’t know what else to tell you.

oh my god…

hmmm

can you click on this:
image

Screen Shot 2022-03-23 at 6.26.53 PM

weird… i believe @die2mrw007 see green ssl and not example.com

the last things to do is… try using other isp… maybe you can try using other wifi from your family or else ?

I have sent your personal message @terminus with screenshot of the SSL certificate and how it works at my end.

You need not have to worry about this problem as its specific to your system or ISP. Its a DNS cache issue technically which your Mac or ISP isn’t clearing or not able to flush older cache.

You can try some sites likes https://www.proxysite.com to check how it looks from different country.

1 Like