Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Adding autossl for proxy domain

Discussion in 'Security' started by Vijai, Apr 22, 2018.

  1. Vijai

    Vijai Member

    Joined:
    Jul 2, 2016
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,
    The cpanel, whm and webmail proxy subdomain are not covered with letsencrypt autossl on my server and the AutoSSL log says
    Code:
    This website’s SSL certificate lacks the following domains: cpanel.domain.com, webdisk.domain.com, webmail.domain.com, www.domain.primarydomain.com.
    AutoSSL will not replace a certificate that an installed AutoSSL provider did not generate unless it expires within 3 days.
    I do have a non-free ssl installed for the said domain but its expiring soon and I want the ssl to be fully replaced with autossl. Could someone help?

    Regards,
    Vijai
     
  2. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    720
    Likes Received:
    123
    Trophy Points:
    168
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Vijai,

    Like the message says, the certificate will only replace them once your current SSL is going to expire within 3 days. This is because the current SSL was not issued by cPanel. If you want cPanel to issue the SSL for them right away, then go into WHM > Manage SSL Hosts

    Delete the current SSL, then run AutoSSL again for that cPanel account.

    As long as each subdomain resolves to your server, it will reissue the cert to cover them as well.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,888
    Likes Received:
    90
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    If you do not have any SSL install, all you can do is enable the AutoSSL for the mentioned domain and it will validate and install new SSL after the current one is expired. You do not have to do anything on it manually for installation.. All you have to make sure that the proxy subdomains that you want SSL for should resolve to the correct IP and should have a valid DNS record.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,451
    Likes Received:
    246
    Trophy Points:
    173
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hello,

    As indicated by @Jcats the message does indicate that the previous certificate was not issued by AutoSSL:

    You can do as suggested and remove the certificate or wait until the certificate is closer to expiration and allow AutoSSL to provision it.

    Thank you,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Vijai

    Vijai Member

    Joined:
    Jul 2, 2016
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    So I deleted the ssl certificate today and tried to run autossl but got the below error:
    Code:
    9:44:27 AM WARN The domain “www.domain.com” failed domain control validation: The system queried for a temporary file at “Domain Name Registration and Web Hosting | Domain.com, which was redirected from “Domain Name Registration and Web Hosting | Domain.com. The web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.
    
    I'm sure dns resolves correct and I verified by creating a file under /.well-known/acme-challenge/test and it loads fine. What could be the cause now?
     
    #5 Vijai, Apr 28, 2018
    Last edited by a moderator: Apr 29, 2018
  6. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    720
    Likes Received:
    123
    Trophy Points:
    168
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Remove the redirect in .htaccess for now, run AutoSSL, then you should be good to add the redirect back.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice