AutoSSL for www. and mail. subdomains

Inspire Digital

Registered
Dec 7, 2021
3
0
1
GB
cPanel Access Level
Root Administrator
Hi,

The recent change (Fixed case COBRA-13435) to make AutoSSL not apply ancestor DCV substition for HTTP DCV has had a big impact for us, we're managing 600+ accounts and have been flooded by failed autoSSL renewals notifications.

I've been able to solve most of them by disabling the services subdomains which we don't use.

But there are still mail. and www. that are automatically created and are not always needed, in our case mail. is never needed, and www. only needed on live sites.
So we still receive lots of failed renewals notifications

Is there a way to control those subdomains creation in WHM ?

I know I can edit the template like mentionned there : Disable Autogenerate www and mail for subdomain but that doesn't solve the 600 existing accounts problem.

Thank you
 

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
1,045
112
118
Houston, TX
cPanel Access Level
Root Administrator

frederickgzmn

Registered
Dec 7, 2021
3
0
1
United States
cPanel Access Level
Root Administrator
Hi,

Same issue here, i applied the changed your mentioned and i am getting this and domain can't get a SSL:

Verifying local authority for 2 domains …
No local authority: “mail.xxxxxxxxxx.com”
No local authority: “*.xxxxxxxxx.com”
No local DNS DCV is necessary.
Processing “xxxxxxx”’s local DCV results …
Analyzing “xxxxxxxxxxx”’s DCV results …
Impediment: SECURED_DOMAIN_DCV_FAILURE: One or more currently-secured domains failed DCV.
The system has completed “xxxxxxxxx”’s AutoSSL check.
 

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
1,045
112
118
Houston, TX
cPanel Access Level
Root Administrator
Hi,

Same issue here, i applied the changed your mentioned and i am getting this and domain can't get a SSL:

Verifying local authority for 2 domains …
No local authority: “mail.xxxxxxxxxx.com”
No local authority: “*.xxxxxxxxx.com”
No local DNS DCV is necessary.
Processing “xxxxxxx”’s local DCV results …
Analyzing “xxxxxxxxxxx”’s DCV results …
Impediment: SECURED_DOMAIN_DCV_FAILURE: One or more currently-secured domains failed DCV.
The system has completed “xxxxxxxxx”’s AutoSSL check.
Would you be able to open a support ticket using the link in my signature and provide me with the ticket ID? If you can't do so, your web hosting provider should be able to open a ticket on your behalf.
 

Inspire Digital

Registered
Dec 7, 2021
3
0
1
GB
cPanel Access Level
Root Administrator
Hello! I believe the following might help you.

Bypass using the cPanel service SSL certificate
Yes, that's what I meant by "I've been able to solve most of them by disabling the services subdomains which we don't use.".

But the service subdomains don't include mail. and www., those are automatically created in the vhost and there's no way to control that from what I can see.

If those 2 subdomains are to fail DCV checks from now on, it would make sense to give us the option to not create them in the first place I find.

Any way I can follow this ticket too ? Unsure where to go for that
 

frederickgzmn

Registered
Dec 7, 2021
3
0
1
United States
cPanel Access Level
Root Administrator
Any way I can follow this ticket too ? Unsure where to go for that
Hey mate, here is the solution for me from them, this article created by Ehsan saved us:

Any way i disabled the Services Domains in Home »Server Configuration »Tweak Settings » Domains» Service subdomains [?] because it will disable all extra sub domain created by cPanel and in my case we don't use them.
 

Inspire Digital

Registered
Dec 7, 2021
3
0
1
GB
cPanel Access Level
Root Administrator
Hey mate, here is the solution for me from them, this article created by Ehsan saved us:

Any way i disabled the Services Domains in Home »Server Configuration »Tweak Settings » Domains» Service subdomains [?] because it will disable all extra sub domain created by cPanel and in my case we don't use them.
Ah great, that saves me hours of work right there, thank you