Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL did not renew The validation required 1 HTTP redirect

Discussion in 'Security' started by AngryAlpaca, Mar 9, 2018.

  1. AngryAlpaca

    AngryAlpaca Registered

    Joined:
    Mar 9, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Toronto
    cPanel Access Level:
    Website Owner
    Hi cPanelers,

    I recently set up a new Wordpress site for a client on a new Hosting account. Everything was going well for about a month, up until we received this email:

    -------------------
    AutoSSL did not renew the certificate for “”. You must take action to keep this site secure.


    The validation required 1 HTTP redirect, but the AutoSSL provider “cPanel (powered by Comodo)” does not permit HTTP redirects. When the system accessed the “/.well-known/pki-validation/06947935ADBECF0D9.txt” URL, it redirected to the /0694794C90D98E916E659.txt”[/URL] URL.

    We use Cloudflare, and I suspect that the AutoSSL isn’t playing very well with it. Cloudflare settings:

    Our Security Level: Medium
    SSL: Full
    Always use HTTPS: Off

    What's the best way to go about fixing this?
     
    #1 AngryAlpaca, Mar 9, 2018
    Last edited by a moderator: Mar 10, 2018
  2. AngryAlpaca

    AngryAlpaca Registered

    Joined:
    Mar 9, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Toronto
    cPanel Access Level:
    Website Owner
    Also- I do have an .htaccess file with the following content:


    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

    Not sure if this is causing any issues- let me know what you all think.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,245
    Likes Received:
    1,759
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    It's possible you have a redirect enabled directly through CloudFlare. You could try temporarily disabling CloudFlare to verify if it's the culprit.

    Thank you.
     
  4. AngryAlpaca

    AngryAlpaca Registered

    Joined:
    Mar 9, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Toronto
    cPanel Access Level:
    Website Owner
    I see. Any idea where in the Cloudflare interface I might be able to find the redirects that could be causing the issue? I do have some DNS entries in my Cloudflare account that are set to DNS and HTTP proxy (/imgur.com/xCx0Ynf). I'm guessing that I need to change those clouds from orange to gray to set them to DNS only?
     
    #4 AngryAlpaca, Mar 9, 2018
    Last edited by a moderator: Mar 10, 2018
  5. AngryAlpaca

    AngryAlpaca Registered

    Joined:
    Mar 9, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Toronto
    cPanel Access Level:
    Website Owner
    Also- I've verified that 'Always redirect to HTTPS' has been turned OFF. It has been off the whole time (I do the redirect via .htacess file)
     
Loading...

Share This Page