The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL is generating a self signed certificate

Discussion in 'General Discussion' started by Jafar Muhammed, Jun 13, 2017.

Tags:
  1. Jafar Muhammed

    Joined:
    Mar 21, 2017
    Messages:
    22
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I have enabled AutoSSL for all my domains using the Feature Manager. My primary domain is certified by cPanel (powered by Comodo). This domain is working perfectly fine.

    However, other domains are self-signed, not cPanel (powered by Comodo), and this is causing trust issues across the browsers.

    Below is a log file for one of the domains.

    Checking websites for “pmjcreations” …

    The website “pmjcreations.com”, owned by “pmjcreations”, has a valid SSL certificate, but additional SSL coverage may be possible for the domains “webdisk.domain.tld”, “cpanel.pmjcreations.com”, and “webmail.domain.tld””. The system will attempt to replace this certificate with one that includes these additional domains.

    WARN The domain “webdisk.domain.tld”” failed domain control validation: The system queried for a temporary file at “<a href="http://webdisk.domain.tld”/09EE236241960CE67BC10DEBD5B9C532.txt">http://webdisk.domain.tld”/09EE236241960CE67BC10DEBD5B9C532.txt</a>”, but the web server responded with the following error: 401 (Unauthorized). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.

    WARN The domain “cpanel.domain.tld”” failed domain control validation: The system queried for a temporary file at “<a href="http://cpanel.domain.tld”/FE8A9A2259887B167FDC9822489CE041.txt">http://cpanel.domain.tld”/FE8A9A2259887B167FDC9822489CE041.txt</a>”, but the web server responded with the following error: 401 (Access Denied). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.

    WARN The domain “webmail.domain.tld”” failed domain control validation: The system queried for a temporary file at “<a href="http://webmail.domain.tld”/744F1C450D0AF230D785F66E9C533F36.txt">http://webmail.domain.tld”/744F1C450D0AF230D785F66E9C533F36.txt</a>”, but the web server responded with the following error: 401 (Access Denied). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.

    AutoSSL cannot add any new domains to SSL coverage for the website .domain.tld””.
    The system has completed the AutoSSL check for “pmjcreations”.
     
    #1 Jafar Muhammed, Jun 13, 2017
    Last edited by a moderator: Jun 13, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Have you blocked access to the document roots of the additional domain names added under this account? If so, you'd need to temporarily allow access to those websites in order for the AutoSSL validation process to succeed.

    Thank you.
     
  3. Jafar Muhammed

    Joined:
    Mar 21, 2017
    Messages:
    22
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I am not sure about that @cPanelMichael. Could you please tell me how I can confirm that?
    And please note, the same issue is with all the domains. AutoSSL is working for only the primary domain.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You could review the .htaccess file in the document root of one of the affected domain names to see what entries are added. Feel free to post the entries here in CODE tags, ensuring to remove any real domain names or IP addresses.

    Thank you.
     
  5. Jafar Muhammed

    Joined:
    Mar 21, 2017
    Messages:
    22
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    One of the domains which I was testing had a .htaccess file.
    I wrote conditions taken from Redirect HTTP to HTTPS automatically | GoDaddy Help IN
    Code:
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    But that condition is overwritten now with
    Code:
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    Other domains don't have any .htaccess file
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you open a support ticket using the link in my signature so we can take a closer look and see why the domain validation process is failing for those domain names?

    Thank you.
     
  7. Jafar Muhammed

    Joined:
    Mar 21, 2017
    Messages:
    22
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi @cPanelMichael, I have created a Support Request and provided access to my server.
    I have received an access confirmation email as well.

    Thank you so much :)
     
Loading...

Share This Page