Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

AutoSSL & Django Issue

Discussion in 'Security' started by shadowfax, Oct 23, 2016.

  1. shadowfax

    shadowfax Registered

    May 16, 2003
    Likes Received:
    Trophy Points:

    I did a lot of searching but could not find a thread that spoke specifically to my problem. So forgive me if there is a duplicate somewhere.

    I recently had the AutoSSL plugin enabled on my KnownHost VPS running WHM v58 build 32 cPanel. I configured the plugin to use the Let's Encrypt service for SSLs.

    My server configuration has three different type of webpage setups running on Apache :

    1) A few domains using normal HTML and .htaccess type config with "each domain set up as a unique user".
    2) A group of sub-domains parked under a single primary domain user id. (all running html pages and .htaccess)
    3) A few domains using Django to serve the website (no .htaccess but settings in apache virtual conf files) with "each domain set up as a unique user".

    Setup group 1 had no problem enabling the Let's Encrypt SSL certs through your plug in. I enable it and do a check domain and the log shows that a cert was needed and it is installed. I then see the .well-known/acme-challenge folder in the public_html folder. There are files in the folder initially but then disappear. HTTPS seems to work on these domains with no issue.

    Setup group 2 is only able to be configured if I enable AutoSSL on the User ID that all the sub-domains sit under. AutoSSL then tries to enable certs for it and all sub-domains. I only wanted a select group of these sub-domains to have SSL certs. From what I understand that is in future versions of your plugin you will allow this to happen? Or will your plugin always enable certs for all these sub-domains or not? I heard there was a feature request for this? Can you verify?

    Setup group 3 is the one having the real problem. When I try to enable AutoSSL on a domain configured with Django I get the following error:

    WARN The domain “” has failed domain control validation (The system queried for a temporary file at “<a href="">”" target="_blank" class="externalLink ProxyLink" data-proxy-href="”" rel="nofollow"></a>”, but the web server responded with the following error: 404 (NOT FOUND). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.). at bin/ line 449.
    I looked in this forum and found some tricks about putting a RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/ setting in the .htaccess file. Django doesn't use .htaccess but can be configured via a virtual conf file inside Apache. I added that line along with RewriteEnging on. The problem persisted.

    Also, I notice that the .well-known folder is never created.

    I do want to note that my Django has the WebRoot folder changed from public_html. Instead the root of the domain is /home/userid/public_html/d18p275/domain_com/. Additionally actual webpage files that are served are in a "templates" folder off of the WebRoot. Lastly, you have to actually define URL entries in a file on you get a 404.

    Since your "temp" file seems to be dynamic in nature and I see no way to point you to the correct root folder where files are served from, I am not sure how to get AutoSSL working on my Django domains.

    Can you help me on how I get this working? Thanks...
    #1 shadowfax, Oct 23, 2016
    Last edited by a moderator: Oct 23, 2016
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Hello @shadowfax,

    That's correct. It's not currently possible to exclude subdomains, but I encourage you to vote and add feedback to the existing feature request for this at:

    AutoSSL: Prevent specific domains from being issued free SSL certificates

    Could you open a support ticket using the link in my signature so we can take a closer look at this configuration and determine what's blocking the domain validation? You can post the ticket number here and we will update this thread with the outcome.

    Thank you.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice