Difference between revisions of "SSL Monitoring"

From WHMCS Documentation

(Technical Details)
Line 33: Line 33:
 
#* Where $domain.com is the contents of the service's Domain field
 
#* Where $domain.com is the contents of the service's Domain field
 
# If no response is received, the "?" padlock icon is displayed
 
# If no response is received, the "?" padlock icon is displayed
# If a cURL error is received, then the red padlock icon is displayed
+
# If a cURL error is received, then the red padlock icon is displayed.
 +
#* This indicates cURL was unable to [https://curl.haxx.se/docs/sslcerts.html validate the certificate].
 
# If no cURL error is received, the test was successful and the yellow padlock icon is displayed.
 
# If no cURL error is received, the test was successful and the yellow padlock icon is displayed.
  

Revision as of 13:58, 16 January 2019

SSL Monitoring allows an admin or client to see the SSL status of a domain in real time when viewing a domain or service in WHMCS. The display will either be an icon only, or the icon with a text description. For the icon only display, hovering over the icon will provide the available information on the SSL status.

For products that do not have a domain, or contain data in the domain field that is not formatted as a domain, no check will occur.

Where is the Status Shown?

Admin Area

SSL Status Admin Area

In the admin area, the icon displaying the status of SSL on the domain can be found on the service and domain details page, in the top right of the display next to the move button.

Client Area

SSL Status Client Area List

The client area displays the status on the client service and domains lists, and on the service and domain details pages. On the lists, a new column has been added to the table with the list containing the status, with the status retrieved by and ajax call and updated.

SSL Status Client Area

On the products details page, the status can be see on the 'domain' tab. The domain details page lists the ssl status as part of the standard domain information. In the client area, the details pages will contain information about the SSL issued to the domain. This includes the issuer and expiry date of the issued SSL.

What are the Icons?

There are four icons that display the SSL information.

Ssl-active.png - Displays when a domain has an active SSL certificate. 

Ssl-inactive-domain.png - Displays when the status of the item is not active
 
Ssl-inactive-red.png - Displays when there is no SSL active on the domain

Ssl-unknown.png - Displays when the SSL check failed

Troubleshooting

Technical Details

  1. Upon loading the page, a cURL call is made from the WHMCS server to https://$domain.com with the ssl_verify_peer option enabled.
    • Where $domain.com is the contents of the service's Domain field
  2. If no response is received, the "?" padlock icon is displayed
  3. If a cURL error is received, then the red padlock icon is displayed.
  4. If no cURL error is received, the test was successful and the yellow padlock icon is displayed.

Testing

  • Connect to the command-line of your WHMCS server and run:
curl -v https://$yourdomain.com
    • Replace $yourdomain.com with the value from the Domain field in WHMCS. 
  • Look for an error code at the end of the output. An example is shown below:
[root@john ~]# curl -v https://v75.test.whmcs.rocks
* About to connect() to v75.test.whmcs.rocks port 443 (#0)
*   Trying 104.20.20.8... connected
* Connected to v75.test.whmcs.rocks (104.20.20.8) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL: certificate subject name '*.whmcs.com' does not match target host name 'v75.test.whmcs.rocks'
* NSS error -12276
* Closing connection #0
curl: (51) SSL: certificate subject name '*.whmcs.com' does not match target host name 'v75.test.whmcs.rocks'
  • In this example a 51 error code is returned
  • Please work with your server admin/hosting provider to resolve the cURL connection error between the WHMCS server and the hosting server.