Auto SSL failed, Self signed certificates

[markzchen]

Hi, i have issue when use AutoSLL, some of my domain have this error

ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL’s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).

could anyone help me ?

 

[kodeslogic]

Was the previously installed certificate issued by the AutoSSL feature, or was it a third-party SSL certificate?
If it was a third-party SSL certificate, the following option is available under the Options tab in WHM >> Manage AutoSSL:

Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates.

 

[markzchen]

Was the previously installed certificate issued by the AutoSSL feature, or was it a third-party SSL certificate?
If it was a third-party SSL certificate, the following option is available under the Options tab in WHM >> Manage AutoSSL:

Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates.

no, we don't purchased any third party ssl certificates, and we already checked Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates.

 

[kodeslogic]

I would suggest opening a Support Ticket to cPanel team or contacting certified System Administration Services to assist you further.

 

[cPRex]

That line of the output you're seeing isn't the actual error - it just indicates that AutoSSL needs to be run on that domain to replace the self-signed certificate. The full error would look something like this:

Log for the AutoSSL run for “username”: Monday, May 28, 2018 12:04:09 PM GMT+05-45 (cPanel (powered by Comodo))
12:04:09 PM AutoSSL’s configured provider is “cPanel (powered by Comodo)”.
Checking websites for “username” …
12:04:09 PM Checking “username.com” …
12:04:09 PM ERROR TLS Status: Defective
Certificate expiry: 5/21/19, 12:21 PM UTC (358.25 days from now)
ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL’s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).
12:04:11 PM AutoSSL will request a new certificate.
12:04:11 PM The system will attempt to renew the SSL certificate for the website (username.com: username.com www.username.com mail.username.com webmail.username.com cpanel.username.com webdisk.username.com).
The provider “cPanel (powered by Comodo)”’s AutoSSL queue already contains a request for a certificate for “username”’s website “username.com”. The request’s start time is May 21, 2018, 12:21:51 PM UTC and its last poll time is May 28, 2018, 12:24:30 AM UTC.
12:04:11 PM The system has completed the AutoSSL check for “username”.

That is a slightly older version, but it's the quickest one I could find to show a proper example.

Is there anything else in the log that would show more details on the issue?

 

[jasoncollege24]

I'm getting this same thing, but in the logs, I'm also getting errors when trying to actually get the certificates. (I would've put the below in a code block, but the code block button brings up a forum list)


2:09:40 PM ERROR AutoSSL failed to request an SSL certificate for “seraphina.jasoncollege24.com” because of an error: (XID 5xnrm4) The cPanel Store returned an error (X::Order::NotFound) in response to the request “POST ssl/certificate/free”: Generic exception
ERROR AutoSSL failed to request an SSL certificate for “ussmidway.jasoncollege24.com” because of an error: (XID rh56nb) The cPanel Store returned an error (X::Order::NotFound) in response to the request “POST ssl/certificate/free”: Generic exception

 

[cPRex]

@jasoncollege24 - please see the main thread on today's issue here - ERROR AutoSSL - error: (XID pcpt27) - request from “https://store.cpanel.net/json-api/ssl/certificate/free” indicated an error (504, Gateway Timeout)