Auto SSL failed, Self signed certificates

markzchen

Member
Oct 15, 2019
10
1
3
indonesia
cPanel Access Level
DataCenter Provider
Hi, i have issue when use AutoSLL, some of my domain have this error

ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL’s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).

could anyone help me ?
 

kodeslogic

Well-Known Member
PartnerNOC
Apr 26, 2020
441
207
118
IN
cPanel Access Level
Root Administrator
Was the previously installed certificate issued by the AutoSSL feature, or was it a third-party SSL certificate?
If it was a third-party SSL certificate, the following option is available under the Options tab in WHM >> Manage AutoSSL:

Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates.
 
  • Like
Reactions: cPRex

markzchen

Member
Oct 15, 2019
10
1
3
indonesia
cPanel Access Level
DataCenter Provider
Was the previously installed certificate issued by the AutoSSL feature, or was it a third-party SSL certificate?
If it was a third-party SSL certificate, the following option is available under the Options tab in WHM >> Manage AutoSSL:

Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates.
no, we don't purchased any third party ssl certificates, and we already checked Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates.
 

Attachments

kodeslogic

Well-Known Member
PartnerNOC
Apr 26, 2020
441
207
118
IN
cPanel Access Level
Root Administrator

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,360
1,629
363
cPanel Access Level
Root Administrator
That line of the output you're seeing isn't the actual error - it just indicates that AutoSSL needs to be run on that domain to replace the self-signed certificate. The full error would look something like this:

Code:
Log for the AutoSSL run for “username”: Monday, May 28, 2018 12:04:09 PM GMT+05-45 (cPanel (powered by Comodo))
12:04:09 PM AutoSSL’s configured provider is “cPanel (powered by Comodo)”.
Checking websites for “username” …
12:04:09 PM Checking “username.com” …
12:04:09 PM ERROR TLS Status: Defective
Certificate expiry: 5/21/19, 12:21 PM UTC (358.25 days from now)
ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL’s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).
12:04:11 PM AutoSSL will request a new certificate.
12:04:11 PM The system will attempt to renew the SSL certificate for the website (username.com: username.com www.username.com mail.username.com webmail.username.com cpanel.username.com webdisk.username.com).
The provider “cPanel (powered by Comodo)”’s AutoSSL queue already contains a request for a certificate for “username”’s website “username.com”. The request’s start time is May 21, 2018, 12:21:51 PM UTC and its last poll time is May 28, 2018, 12:24:30 AM UTC.
12:04:11 PM The system has completed the AutoSSL check for “username”.
That is a slightly older version, but it's the quickest one I could find to show a proper example.

Is there anything else in the log that would show more details on the issue?