Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

AutoSSL from cPanel says expired

Discussion in 'Security' started by InteractM, Dec 11, 2017.

Tags:
  1. InteractM

    InteractM Well-Known Member

    Joined:
    Apr 2, 2013
    Messages:
    135
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I have an issue with multiple sites over the weekend where AutoSSL issued by cPanel say is expired but SSL Storage Manager shows that are not.

    Example: - Removed -

    SSL Cert envelope:
    Code:
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                35:58:6e:53:2a:b7:86:09:43:5e:d7:88:6a:47:8a:0b
        Signature Algorithm: sha256WithRSAEncryption
            Issuer: C = US, ST = TX, L = Houston, O = "cPanel, Inc.", CN = "cPanel, Inc. Certification Authority"
            Validity
                Not Before: Nov 25 00:00:00 2017 GMT
                Not After : Feb 23 23:59:59 2018 GMT
            Subject: CN = - Removed -
    
    Any clue how get that issue to fix?
     
    #1 InteractM, Dec 11, 2017
    Last edited by a moderator: Dec 11, 2017
  2. Eminds

    Eminds Well-Known Member

    Joined:
    Nov 10, 2016
    Messages:
    274
    Likes Received:
    21
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Login to WHM with root >> go to AutoSSL Manager >> check the logs tab for that particular domain and it will show you what exactly happening with the SSL certificates.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. InteractM

    InteractM Well-Known Member

    Joined:
    Apr 2, 2013
    Messages:
    135
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Well, I was there few times and says nothing interesting:
    Code:
    Log for the AutoSSL run for “gems”: Monday, December 11, 2017 9:35:08 PM GMT-0500 (cPanel (powered by Comodo))
    9:35:08 PM This system has AutoSSL set to use “cPanel (powered by Comodo)”.
    9:35:08 PM Checking websites for “gems” …
    9:35:08 PM The website “example.com”, owned by “gems”, has a valid SSL certificate, but additional SSL coverage may be possible for the domains “cpanel.example.com”, “webmail.example.com”, and “webdisk.example.com”. The system will attempt to replace this certificate with one that includes these additional domains.
    9:35:09 PM AutoSSL cannot add any new domains to SSL coverage for the website “example.com”.
    9:35:09 PM The system has completed the AutoSSL check for “gems”.
    
    
     
    #3 InteractM, Dec 11, 2017
    Last edited by a moderator: Dec 12, 2017
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Do you have proxy subdomain DNS entries configured for that account? If not, and if proxy subdomains are enabled, you can automatically add the missing entries for all domain names on the server with the following command:

    Code:
    /scripts/checkproxysubdomains --force
    If that doesn't address the issue during the next AutoSSL check, or if the proxy subdomain records are already populated in the domain name's DNS zone, feel free to open a support ticket so we can take a closer look.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Mayc

    Mayc Member

    Joined:
    Oct 11, 2017
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    same proble here. In 2 diferent servers. This only happens when I use a proxy for the ssl. I use xvarnish, everything was working perfectly and suddenly 2 or 3 weeks ago in both cases the same problem occurred. Most websites with ssl give this error in the browser: NET::ERR_CERT_DATE_INVALID. But nevertheless the certificate is active and not expired. Turning off the proxy works fine. where I have been able to investigate the xvarnish has not been updated since August so it must have coincided with some update of cpanel.

    Any idea??
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    If it's not happening when the plugin is uninstalled, it suggests an issue with the plugin itself (possibly with custom Apache templates). Have you reported the issue to the support team for that Varinish plugin so they can take a closer look?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Mayc

    Mayc Member

    Joined:
    Oct 11, 2017
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    with the proxy enabled gives expired certificate
    Valid from Thu, 07 Sep 2017 00:00:00 UTC
    Valid until Wed, 06 Dec 2017 23:59:59 UTC (expired 12 days, 18 hours ago) EXPIRED

    without the proxy
    Valid from Wed, 22 Nov 2017 00:00:00 UTC
    Valid until Tue, 20 Feb 2018 23:59:59 UTC (expires in 2 months and 1 day)

    Unfortunately the xvarnish support team is non-existent
     
  8. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    The information you provided suggests that plugin might not have been updated to account for the following changes in cPanel 68:

    SSL Storage Modification

    You may want to consider using a different plugin if you are unable to reach their support team.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice