auto ssl fails for mail.domain.com when it has a different ip

BACg

Registered
Oct 8, 2015
4
0
51
Florida
cPanel Access Level
Root Administrator
Using Cloudflare FULL ssl and the A record for mail is NOT proxied. "Always use https" is OFF in Cloudflare. Http to https redirect is via .htaccess. The ip for the mail A record is on the origin server but different than the ip for the root domain. Auto ssl fails for the mail A record even though it succeeds for the other domains records. Ideas/suggestions? Thanks.

autossl_errors__2087-2020.08.04-13_10_17.jpg
 
Last edited:

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,271
313
Houston
Most likely this resides in the configuration within CloudFlare. The service subdomains are what's failing here If you switch autodiscover.domain.tld for example to DNS Only in Cloudflare and run autossl I'd assume that it would be able to provision the certificate. They discuss this here: Identifying subdomains compatible with Cloudflare's proxy

Those subdomains are not applicable to be proxied through Cloudflare.


As far as the wildcard subdomain you have, that wouldn't be covered by Sectigo using AutoSSL.
 

BACg

Registered
Oct 8, 2015
4
0
51
Florida
cPanel Access Level
Root Administrator
Unlike LE, cPanel verifies all records with no problem. So the simple fix was to switch the default Auto SSL provider from Let's Encrypt to cPanel.