AutoSSL Assigning LetsEncrypt cert without it being Installed

tomathlm

Registered
Mar 7, 2019
1
0
1
Michigan
cPanel Access Level
Root Administrator
Hey everyone,

I'll try and explain this as concisely as I can but the entire issue seems very odd to me and I can't find a common linkage. Overnight, we received an email that some subdomains from a newly launched site failed to receive their Cpanel auto SSL Certs claiming that it could not reach the validation file on a server that has nothing to do with us.

[removed - please attach images directly to the thread]

In Cpanel, it shows that the certs were in fact issued by Cpanel for 3 of the domains successfully.

[removed - please attach images directly to the thread]

I did a bit more digging and went to one of the subdomains (autodiscover) and, to my surprise, it had a certificate already installed. Even stranger, it had a LetsEncrypt certificate installed. LetsEncrypt isn't installed as an autoSSL provider on this server at all. And the cert that's installed is for the mail subdomain, not autodiscover.

[removed - please attach images directly to the thread]

Drilling down even deeper I found that the cert sees domain is a subdomain of site that we have no association with. domain.tld

[removed - please attach images directly to the thread]


I went to domain.tld and viewed their cert. It looks like they are using cpanel/letsencrypt to secure that domain and several others. I know this is a bit rambly, but I can't make sense of this situation and it's kind of concerning. Could anyone please shed some light as to what's going on to put my mind at ease?

Thanks!
 
Last edited by a moderator:

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
7,940
630
263
Houston
cPanel Access Level
DataCenter Provider
Hi @tomathlm


This is actually a pretty simple one to explain.


The domains in question:

mail.yourdomain.com

webdisk.yourdomain.com

autodiscover.yourdomain.com



All resolve to an IP address which differs from the IP yourdomain.com resolves to.



In order to resolve this issue, you need to rectify the A record for these subdomains. It looks like the IP address they resolve to has Let’s Encrypt installed and is providing an SSL certificate for them. If you want these domains to resolve to the same address yourdomain.com resolves to, you’ll need to modify the A record where DNS for the domains is hosted.




Thanks!