SOLVED AutoSSL fails for some domains attempting to get PKI file on an old/wrong IP

Benjamin D.

Well-Known Member
Jan 28, 2016
162
26
78
Canada
cPanel Access Level
Root Administrator
Installed a fresh new server with WHM 72.0 on CentOS 7.5 and migrated all accounts 5 days ago.

AutoSSL has been failing ever since for SOME (~25%) domains, attempting to get PKI file on an old/wrong IP!

See the attached screenshot. See that IP 215.....5 ? It's been out of service for at least 48 hours now and either way, there is not a single A record pointing to 215.....5 so where does AutoSSL get this IP from? How long is AutoSSL's DNS cache lasting??? I put the old and new server's DNS TTL to 5 minutes 7 DAYS ago and it's STILL on 5 minutes!
 

Attachments

Last edited:

Benjamin D.

Well-Known Member
Jan 28, 2016
162
26
78
Canada
cPanel Access Level
Root Administrator
Resolved. Most of these were junk (subdomains that are not even supposed to have A record entries, old deleted accounts that stuck for some reason, etc...) so I removed all the entries and concerning the specific in the screenshot, this was a different issue: for some reason it was the registrar's fault for not having changed their A record which indeed pointed to a wrong IP. It should be all good now.

Please mark as resolved.
 
Last edited:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,250
463
Resolved. Most of these were junk (subdomains that are not even supposed to have A record entries, old deleted accounts that stuck for some reason, etc...) so I removed all the entries and concerning the specific in the screenshot, this was a different issue: for some reason it was the registrar's fault for not having changed their A record which indeed pointed to a wrong IP. It should be all good now.
Hello,

I'm glad to see you were able to solve the issue. Thank you for sharing the outcome.