cPanel OpenSSL need Immediate Updates – intermediary CA certificate used by Sectigo expired causing some older versions of OpenSSL unable to validate the certificate chain

from cPanel Update News

cPanel released an updates a few days earlier on SSL update which may disrupt some cPanel System . If you are managing your own cPanel , you should follow the updates on cPanel below

https://support.cpanel.net/hc/en-us/articles/360048670574-Root-CA-Certificate-Expiration

On May 30, 2020 an intermediary CA certificate used by Sectigo expired causing some older versions of OpenSSL unable to validate the certificate chain. This event reduced compatibility with a wide range of software and services. Some of the impacted software is listed below. New installations and updates for cPanel & WHM, EasyApache, and several other services were impacted. We have since installed an updated intermediate certificate provided by Sectigo to restore functionality.

Sectigo SSL certificates installed before May 1, 2020, will need to be reinstalled to ensure compatibility with the software listed below. If you are running a supported version of cPanel & WHM (version 86 and later), and have updates enabled, we have issued a fix to install the new intermediate certificate during the next update that does not require updating OpenSSL. The intermediate certificate update is seamless to end-users.

If you have disabled automatic updates and you are running a supported version of cPanel & WHM (version 86 and later), running the following commands in a root shell will update the affected Sectigo intermediate certificates for configured domains hosted on the server:

/scripts/autorepair update_sectigo_cabundles
/scripts/restartsrv_apache

These commands will not work on unsupported versions of cPanel & WHM. Servers running anything older than version 86 should update as soon as possible.

Note that this will not correct hostname certificates. If your server’s hostname certificate is exhibiting errors related to this, please see our article here: https://support.cpanel.net/hc/en-us/articles/360048676014-Autofixer-does-not-update-hostname-certificate-Root-CA

You can find out more information from the vendor about the root CA certificate expiration here: https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020

Affected Client Software:

Legacy clients that have not received an SSL/TLS update since mid-2015
Client software using OpenSSL older than 1.1.0, such as wget and curl

Should you have any questions about SSL errors that you’re experiencing, please click submit a request at the bottom of this page.

Table of Contents

cPanel OpenSSL need Immediate Updates – intermediary CA certificate used by Sectigo expired causing some older versions of OpenSSL unable to validate the certificate chain

from cPanel Update News

Related

Promotion

Latest News & Blogs

Google Launches Gemini Deep Research: How it Saves Your Work | SEO Malaysia 2025

2024/2025 Exciting Remote Work Career Opportunities with BigDomain: Leading SEO Agency Malaysia

All-in-One Website Ranking Google SEO Micro Booster Malaysia for RM1,480 (Save RM3,519)!

Table of Contents

CATEGORIES

Editor Picks

Is iPhone 15 a Worthwhile Upgrade Over iPhone 14? Examining the Key Differences

NIMP 2030: Empowering SMEs and Boosting Malaysia’s Competitiveness

POPULAR POSTS

Google Launches Gemini Deep Research: How it Saves Your Work | SEO Malaysia 2025

2024/2025 Exciting Remote Work Career Opportunities with BigDomain: Leading SEO Agency Malaysia

All-in-One Website Ranking Google SEO Micro Booster Malaysia for RM1,480 (Save RM3,519)!