Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED AutoSSL Certificate problem

Discussion in 'Security' started by Nirjonadda, May 12, 2017.

Tags:
  1. Nirjonadda

    Nirjonadda Well-Known Member

    Joined:
    May 8, 2013
    Messages:
    597
    Likes Received:
    15
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Still are not working.

    Code:
    Log for the AutoSSL run for “mysite”: Friday, May 12, 2017 8:53:45 PM GMT+0200 (cPanel (powered by Comodo))
8:53:45 PM This system has AutoSSL set to use “cPanel (powered by Comodo)”.
8:53:45 PM Checking websites for “mysite” …
8:53:45 PM The website “mysite.com”, owned by “mysite”, has a faulty SSL certificate (OPENSSL_VERIFY:0:18:DEPTH_ZERO_SELF_SIGNED_CERT NOT_ALL_DOMAINS). AutoSSL will attempt to replace this certificate.
8:53:46 PM The system will attempt to renew SSL certificates for the following websites:
8:53:46 PM mysite.com (mysite.com www.mysite.com mail.mysite.com webmail.mysite.com cpanel.mysite.com webdisk.mysite.com)
8:53:48 PM The system has completed the AutoSSL check for “mysite”.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 Nirjonadda, May 12, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,961
    Likes Received:
    1,822
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @Nirjonadda,

    I moved this post to it's own thread, as it does not appear related to the issue with Comodo's servers.

    This suggests the certificate is waiting on Comodo for processing. While the AutoSSL feature generally only requires a short amount of time to complete the installation process, certain factors may lead to longer wait times. Under some conditions, certificates may require up to 48 hours to process. You can try waiting a few hours and then running the following command to check the AutoSSL certificate for the account:

    Code:
    /usr/local/cpanel/bin/autossl_check --user=$username
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelMichael, May 12, 2017
    Last edited: Mar 5, 2018
  3. Rob Golding

    Rob Golding Registered

    Joined:
    Jul 6, 2016
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    London, UK
    cPanel Access Level:
    DataCenter Provider
    Comodo being essentially "down" for 3 days hasn't helped with real certs:(

    We don't use auto-ssl on production systems, but have vps clients who do, it's been unable to update/validate/download certs for over a week with them "stuck" in the queue

    Although the docs say they'll only stay there for 24 hours the .json file never seems to get purged. Deleting it manually and fcing it to try again ...

    /usr/local/cpanel/bin/autossl_check_cpstore_queue --force
    Polling for redacted new certificate for redacted (order item ID redacted) …
    The certificate is not available. (processing)
     
    #3 Rob Golding, May 12, 2017
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,961
    Likes Received:
    1,822
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello Rob,

    Feel free to open a support ticket using the link in my signature if the certificates are still not processing so we can take a closer look and see what's happening.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelMichael, May 29, 2017
  5. Adwin Lui

    Adwin Lui Member

    Joined:
    Feb 10, 2015
    Messages:
    6
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Vancouver, British Columbia, C
    cPanel Access Level:
    Reseller Owner
    I hope it's ok to piggyback onto this thread, it seems I have the same issue, it's been in the queue for a few days, here is the autossl Log for this account:

    11:55:01 AM Polling for “domain”’s new certificate for “domain.com” (order item ID “199073739”) …
    11:55:02 AM The certificate is not available. (processing)
    12:00:02 PM The queue contains a request for a certificate for “domain”’s website “domain.com”. The system last polled for this certificate at Jun 19, 2017, 6:55:02 PM UTC. The next poll will be no earlier than Jun 19, 2017, 7:55:02 PM UTC.

    Here is the Pending queue:

    www.domain.com domain.com domain Jun 19, 2017 2:41:01 AM 199073739 Pending
    domain.com domain.com domain Jun 19, 2017 2:41:01 AM 199073739 Pending

    The following Comodo's IP are already in our CSF allow:
    178.255.81.12
    178.255.81.13
    91.199.212.132
    199.66.201.132

    This is a wordpress site, but we're not running any usual culprit plugins like Wordfence or iThemes security

    The cpanel-generated comodo redirect rules are present in htaccess

    Thank you for any advice!
     
    #5 Adwin Lui, Jun 19, 2017
  6. Adwin Lui

    Adwin Lui Member

    Joined:
    Feb 10, 2015
    Messages:
    6
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Vancouver, British Columbia, C
    cPanel Access Level:
    Reseller Owner
    #6 Adwin Lui, Jun 19, 2017
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,961
    Likes Received:
    1,822
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @Adwin Lui,

    Feel free to open a support ticket if you'd like us to take a closer look.

    Thanks.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #7 cPanelMichael, Jun 19, 2017
  8. Adwin Lui

    Adwin Lui Member

    Joined:
    Feb 10, 2015
    Messages:
    6
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Vancouver, British Columbia, C
    cPanel Access Level:
    Reseller Owner
    Solved.
    So just to update this thread
    the issue was a trademark keyword in the domain that Comodo had to validate with us to clear and allow the SSL certificate issue, so a ticket is necessary in such cases.
     
    #8 Adwin Lui, Jun 22, 2017
    cPanelMichael likes this.
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,961
    Likes Received:
    1,822
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    I'm glad to see the issue is now solved. Thank you for updating us with the outcome.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #9 cPanelMichael, Jun 23, 2017
  10. rogerw

    rogerw Member

    Joined:
    Feb 21, 2012
    Messages:
    22
    Likes Received:
    3
    Trophy Points:
    53
    cPanel Access Level:
    Website Owner
    Quick heads up to anyone looking to troubleshoot, as I was. The above command gave me some pause, and twiddling around. Turns out the correct command is:

    /usr/local/cpanel/bin/autossl_check --user=<username>

    I hope this minor tweak in command helps anyone else searching for troubleshooting information.
     
    #10 rogerw, Mar 3, 2018
    cPanelMichael likes this.
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,961
    Likes Received:
    1,822
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hi @rogerw,

    Good catch. The previous command looks to have worked well, but you are right that it doesn't match our documentation. I've modified my earlier response to reflect the change you noted.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #11 cPanelMichael, Mar 5, 2018
(You must log in or sign up to post here.)
Loading...
Similar Threads - AutoSSL Certificate problem
  1. willke

    Stop AutoSSL notification emails - "The SSL certificate expires on ..."

    willke, Jul 4, 2018, in forum: Security
    Replies:
    4
    Views:
    113
    willke
    Jul 5, 2018
  2. Agics

    autossl not renewing certificate

    Agics, Jul 2, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    122
    cPanelLauren
    Jul 3, 2018
  3. chuckcintron

    autoSSL issue with existing wildcard certificate

    chuckcintron, Jun 27, 2018, in forum: Security
    Replies:
    1
    Views:
    77
    cPanelMichael
    Jun 28, 2018
  4. Volt55

    AutoSSL errors, not renewing certificate

    Volt55, May 30, 2018, in forum: General Discussion
    Replies:
    1
    Views:
    987
    cPanelLauren
    May 30, 2018
  5. diracuser

    SOLVED About AutoSSL Certificates

    diracuser, May 21, 2018, in forum: Security
    Replies:
    4
    Views:
    140
    cPanelLauren
    May 25, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice