The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL Error string too long

Discussion in 'Security' started by caylean, Jan 15, 2017.

Tags:
  1. caylean

    caylean Active Member

    Joined:
    Jul 2, 2013
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello Forum,
    I have here an error regarding the AutoSSL Function and I have no clue where to sort it here correctly in, nor what I can do about it.

    Lets start with the Log:
    Code:
    4:51:51 AM Checking websites for “web003” …
    4:51:51 AM The website “23char-Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “40char-Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “33char-Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “14char-Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “28char-Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “26char-Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “28char-Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “29char-Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “45char-Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:51 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:52 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:52 AM The website “Subdomain.domain.tld”, owned by “web003”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    4:51:57 AM The system will attempt to renew SSL certificates for the following websites:
    4:51:57 AM 23char-Subdomain.domain.tld (23char-Subdomain.domain.tld www.23char-Subdomain.domain.tld)
    4:51:57 AM domain.tld (domain.tld www.domain.tld mail.domain.tld)
    4:51:57 AM 40char-Subdomain.domain.tld (40char-Subdomain.domain.tld www.40char-Subdomain.domain.tld)
    4:51:57 AM 33char-Subdomain.domain.tld (33char-Subdomain.domain.tld www.33char-Subdomain.domain.tld)
    4:51:57 AM 14char-Subdomain.domain.tld (14char-Subdomain.domain.tld www.14char-Subdomain.domain.tld)
    4:51:57 AM 28char-Subdomain.domain.tld (28char-Subdomain.domain.tld www.28char-Subdomain.domain.tld)
    4:51:57 AM 26char-Subdomain.domain.tld (26char-Subdomain.domain.tld www.26char-Subdomain.domain.tld)
    4:51:57 AM 28char-Subdomain.domain.tld (28char-Subdomain.domain.tld www.28char-Subdomain.domain.tld)
    4:51:57 AM 29char-Subdomain.domain.tld (29char-Subdomain.domain.tld www.29char-Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM 45char-Subdomain.domain.tld (45char-Subdomain.domain.tld www.45char-Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:51:57 AM Subdomain.domain.tld (Subdomain.domain.tld www.Subdomain.domain.tld)
    4:52:15 AM WARN build_subject at /usr/local/cpanel/Cpanel/SSL/Create.pm line 94. ...caught at bin/autossl_check.pl line 264.
    4:52:15 AM The system has completed the AutoSSL check for “web003”.
    4:52:15 AM Checking websites for “web081” …
    4:52:15 AM WARN Net::SSLeay error left in queue from previous call: “error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long” (218603671) at /usr/local/cpanel/Cpanel/NetSSLeay.pm line 19.
    4:52:15 AM All websites owned by “web081” have valid SSL certificates.
    4:52:15 AM The system has completed the AutoSSL check for “web081”. 
    I have NOT shortened it, because I am not sure if it might be due to its lenght... either in Characters in total, or Subdomain-Lenght.

    I have written some Subdomains like "45char-Subdomain" .. what I mean here is the "full-name-of-subdomain-in-characters"

    It seems to me that the Process of requesting and applying the SSL Certs gets interrupted for some reason. It stops. Starts the next account and recognizes that there is an unfinished Process kills it and starts the next account.

    What happened and what can I do to resolve?

    Kind Regards
    Caylean
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,958
    Likes Received:
    1,274
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @caylean,

    Internal case CPANEL-10051 is open to address an issue where long domain names can result in AutoSSL failures. Could you let us know how many characters the domain name in-question utilizes (combined total of the subdomain and domain name it's associated with)? Also, could you let us know which version of cPanel is installed on this system? You can check with a command such as:

    Code:
    cat /usr/local/cpanel/version
    Thank you.
     
  3. caylean

    caylean Active Member

    Joined:
    Jul 2, 2013
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    domain = 16 Character
    domain.tld = 20 Character

    Code:
    domain = 16 Character
    domain.tld = 20 Character
    
    Character Subdomain   |   subdomain.domain.tld   |   /public_html/subdomain
    23   |   xxxxxxx-xxx-xxxx-xxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxx-xxx-xxxx-xxxxxx
    40   |   xxxx-xxxx-xxxx-xxxxxxx-xx-xxxxxx-xxxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxx-xxxx-xxxx-xxxxxxx-xx-xxxxxx-xxxxxxx
    37   |   xxxxxxxx-xxxxxxx-xxx-xxxxx-xxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxxx-xxxxxxx-xxx-xxxxx-xxxxxx
    18   |   xxx-xxxx-xxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxx-xxxx-xxxxx
    32   |   xxxxxxxxxx-xxxxx-xxxx-xxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxxxxx-xxxxx-xxxx-xxxxxx
    30   |   xxxxxxxx-xxxx-xxx-xxxxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxxx-xxxx-xxx-xxxxxxxx
    32   |   xxxxxx-xxxx-xx-xxxxxxx-xxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxx-xxxx-xx-xxxxxxx-xxxxx
    33   |   xxxxxxxxxxxx-xxxx-xxxx-xxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxxxxxxx-xxxx-xxxx-xxxxxx
    37   |   xxxxx-xxxx-xxxxx-xx-xxx-xxxxx-xxxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxx-xxxx-xxxxx-xx-xxx-xxxxx-xxxxxxx
    37   |   xxxxxxx-xxxxxxxx-xxxxxxx-xxxxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxx-xxxxxxxx-xxxxxxx-xxxxxxxx
    41   |   xxxxxx-xxxxxx-xxxxx-xxxx-xxxxxxxx-xxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxx-xxxxxx-xxxxx-xxxx-xxxxxxxx-xxx
    29   |   xxxxxxx-xxxx-xxxx-xxxxxxx-xxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxx-xxxx-xxxx-xxxxxxx-xxx
    14   |   xxxxx-xxxxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxx-xxxxxxxx
    49   |   xxxxxxx-xxxxxxx-xxxxxx-xxxx-xxx-xxxxx-xxxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxx-xxxxxxx-xxxxxx-xxxx-xxx-xxxxx-xxxxxxx
    25   |   xxxxxxx-xxxxx-xxxx-xxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxx-xxxxx-xxxx-xxxxxx
    32   |   xxxxxxx-xxxxxx-xxx-xxxxxx-xxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxx-xxxxxx-xxx-xxxxxx-xxxxxx
    35   |   xxxxxxxxx-xxxxx-xxxxxx-xxxxxxx-xxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxxxx-xxxxx-xxxxxx-xxxxxxx-xxxx
    24   |   xxxx-xxxxxx-xxxx-xxxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxx-xxxxxx-xxxx-xxxxxxx
    26   |   xxxxxxxxxxxx-xxxxxxx-xxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxxxxxxx-xxxxxxx-xxxxx
    33   |   xxxx-xxxxxx-xxxxxxxx-xxxx-xxxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxx-xxxxxx-xxxxxxxx-xxxx-xxxxxxx
    12   |   xxxxx-xxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxx-xxxxxx
    28   |   xxxx-xxxx-xxxx-xxxxx-xxxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxx-xxxx-xxxx-xxxxx-xxxxxxx
    32   |   xxxxxxxxxxx-xxxx-xxxxxxx-xx-xxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxxxxxx-xxxx-xxxxxxx-xx-xxxx
    26   |   xxxxxxxx-xxxx-xxxxx-xxxxxx.xxxxxxx-xxx-xxxx.com   |   /public_html/xxxxxxxx-xxxx-xxxxx-xxxxxx

    #######@server [~]# cat /usr/local/cpanel/version
    11.60.0.34

    That would be
    725 Characters plain subdomain
    1229 Characters subdomain.domain.tld

     
    #3 caylean, Jan 16, 2017
    Last edited: Jan 16, 2017
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,958
    Likes Received:
    1,274
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Thank you for the additional information. I'll update this thread with more information from internal case CPANEL-10051 as it becomes available.

    Thank you.
     
  5. caylean

    caylean Active Member

    Joined:
    Jul 2, 2013
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello Michael, small Update from me incoming.

    There was recently an update that was implemented.

    cPanel shows now: 60.0.35 so I guess that would be then 10.60.0.35

    The lastest Log shows for the Domain in Question still the same error i'd say:

    Code:
     4:37:40 AM WARN build_subject at /usr/local/cpanel/Cpanel/SSL/Create.pm line 94. ...caught at bin/autossl_check.pl line 264.
    4:37:40 AM The system has completed the AutoSSL check for “web003”.
    4:37:40 AM Checking websites for “web193” …
    4:37:40 AM WARN Net::SSLeay error left in queue from previous call: “error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long” (218603671) at /usr/local/cpanel/Cpanel/NetSSLeay.pm line 19. 
    Kind Regards
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,958
    Likes Received:
    1,274
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @caylean,

    The internal case is still open, so the newer version would not have included a resolution to the issue. I'll update this thread once new information on the status of this case becomes available.

    Thank you.
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,958
    Likes Received:
    1,274
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    To update, internal case CPANEL-10051 is planned for a future cPanel version 62 build, and will improve the error message when attempting to create a CSR with a commonName longer then 64 characters during the AutoSSL installation process.

    Additionally, cPanel version 64 includes new functionality that will avoid including domain names greater than 64 characters in the commonName field as long as at least one domain on the certificate is less than or equal to 64 characters.

    Thank you.
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,958
    Likes Received:
    1,274
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    To update, CPANEL-10051 is included with cPanel 62.0.16:

    Fixed case CPANEL-10051: Error when trying to create a CSR with a subject longer then 64.

    This will improve the error message when attempting to create a CSR with a commonName longer then 64 characters during the AutoSSL installation process.

    Thank you.
     
Loading...

Share This Page