Automatically-Issued Hostnames


Last modified: June 4, 2020

Overview

First-time users who try to log in to WHM on newly-installed servers will frequently see a security warning. Newly-installed servers without a fully-qualified domain name (FQDN) as a hostname will automatically receive one from cPanel, L.L.C. The hostname will be a subdomain of cprapid.com.

Why do you need an automatically-issued hostname?

The first time a user tries to log in to WHM on a newly-installed server, they will see a security warning. It can be scary, especially for users on a trial license running cPanel & WHM for the first time.

This happens because most modern browsers will display a warning whenever a user tries to visit a site or domain with an invalid or self-signed certificate.

cPanel & WHM attempts to secure your server immediately after installation. First, it installs a self-signed certificate to secure the server. Then, it requests a free hostname certificate from our Certificate Authority to secure the server.

However, sometimes a user does not set a resolvable FQDN as the server’s hostname. So, the Certificate Authority cannot issue a certificate for the server. The self-signed certificate remains on the server, and the new user will see a warning when they try to log in to WHM.

How it works

To allow the Certificate Authority to issue a certificate, we will automatically issue hostnames to newly-installed servers without a valid FQDN hostname.

The installer script check the hostname of a newly-installed server. If the hostname does not resolve to the server’s IP address, the script requests an automatically-issued hostname from cprapid.com domain. The cprapid.com nameservers will generate a new subdomain and point it at the server’s primary IP address. The server will use that subdomain as a hostname to request a certificate from the Certificate Authority and install it.

By the time the user logs in to WHM for the first time, the certificate is installed and ready, so no security warning appears.

Limitations

  • The auto-issued hostname only issues a FQDN under the cprapid.com domain and points it to the main IP address of the server.

  • You cannot manage the subdomain or delegate the subdomain to any other server. Nor can you request additional domains or subdomains from cprapid.com for your server.

  • To create subdomains for DNS servers and other services, such as nameservers and FTP servers, you must set the server to use a hostname at a domain that you control.

Taking flight

We encourage users to replace the auto-issued hostname with an existing domain or purchase a new domain to generate a hostname. Using your own domain name and hostname will help establish your company’s brand.

To change the server’s hostname, use WHM’s Change Hostname interface (WHM >> Home >> Networking Setup >> Change Hostname).

After a user changes the server’s auto-issued hostname to their new hostname, the Certificate Authority will issue a new certificate for the server and the change should be seamless.

Caveats

If a partner disables the free hostname certificate service for their customers Manage2’s Update Company Information interface (Manage2 >> Dashboard >> Company >> Update Company Information), the server will still use the self-signed certificate. Because of this, they will see the security warning when they try to log in to WHM.

Also, if a partner uses a post-installation script to assign a hostname to the server, the script will continue to work as expected. If partners use a pre-installation script to assign a hostname to the server, that hostname must be a FQDN that resolves to the server or it will be replaced by an auto-issued hostname.

Additional Documentation