Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Adding autossl for proxy domain

Discussion in 'Security' started by Vijai, Apr 22, 2018.

  1. Vijai

    Vijai Member

    Joined:
    Jul 2, 2016
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,
    The cpanel, whm and webmail proxy subdomain are not covered with letsencrypt autossl on my server and the AutoSSL log says
    Code:
    This website’s SSL certificate lacks the following domains: cpanel.domain.com, webdisk.domain.com, webmail.domain.com, www.domain.primarydomain.com.
    AutoSSL will not replace a certificate that an installed AutoSSL provider did not generate unless it expires within 3 days.
    I do have a non-free ssl installed for the said domain but its expiring soon and I want the ssl to be fully replaced with autossl. Could someone help?

    Regards,
    Vijai
     
  2. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    629
    Likes Received:
    94
    Trophy Points:
    153
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Vijai,

    Like the message says, the certificate will only replace them once your current SSL is going to expire within 3 days. This is because the current SSL was not issued by cPanel. If you want cPanel to issue the SSL for them right away, then go into WHM > Manage SSL Hosts

    Delete the current SSL, then run AutoSSL again for that cPanel account.

    As long as each subdomain resolves to your server, it will reissue the cert to cover them as well.
     
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,768
    Likes Received:
    79
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    If you do not have any SSL install, all you can do is enable the AutoSSL for the mentioned domain and it will validate and install new SSL after the current one is expired. You do not have to do anything on it manually for installation.. All you have to make sure that the proxy subdomains that you want SSL for should resolve to the correct IP and should have a valid DNS record.
     
  4. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    968
    Likes Received:
    68
    Trophy Points:
    103
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hello,

    As indicated by @Jcats the message does indicate that the previous certificate was not issued by AutoSSL:

    You can do as suggested and remove the certificate or wait until the certificate is closer to expiration and allow AutoSSL to provision it.

    Thank you,
     
  5. Vijai

    Vijai Member

    Joined:
    Jul 2, 2016
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    So I deleted the ssl certificate today and tried to run autossl but got the below error:
    Code:
    9:44:27 AM WARN The domain “www.domain.com” failed domain control validation: The system queried for a temporary file at “Domain Name Registration and Web Hosting | Domain.com, which was redirected from “Domain Name Registration and Web Hosting | Domain.com. The web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.
    
    I'm sure dns resolves correct and I verified by creating a file under /.well-known/acme-challenge/test and it loads fine. What could be the cause now?
     
    #5 Vijai, Apr 28, 2018
    Last edited by a moderator: Apr 29, 2018
  6. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    629
    Likes Received:
    94
    Trophy Points:
    153
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Remove the redirect in .htaccess for now, run AutoSSL, then you should be good to add the redirect back.
     
Loading...

Share This Page