AutoSSL is generating a self signed certificate

Jafar Muhammed

Active Member
Mar 21, 2017
31
3
8
India
cPanel Access Level
Root Administrator
I have enabled AutoSSL for all my domains using the Feature Manager. My primary domain is certified by cPanel (powered by Comodo). This domain is working perfectly fine.

However, other domains are self-signed, not cPanel (powered by Comodo), and this is causing trust issues across the browsers.

Below is a log file for one of the domains.

Checking websites for “pmjcreations” …

The website “pmjcreations.com”, owned by “pmjcreations”, has a valid SSL certificate, but additional SSL coverage may be possible for the domains “webdisk.domain.tld”, “cpanel.pmjcreations.com”, and “webmail.domain.tld””. The system will attempt to replace this certificate with one that includes these additional domains.

WARN The domain “webdisk.domain.tld”” failed domain control validation: The system queried for a temporary file at “<a href="http://webdisk.domain.tld”/09EE236241960CE67BC10DEBD5B9C532.txt">http://webdisk.domain.tld”/09EE236241960CE67BC10DEBD5B9C532.txt</a>”, but the web server responded with the following error: 401 (Unauthorized). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.

WARN The domain “cpanel.domain.tld”” failed domain control validation: The system queried for a temporary file at “<a href="http://cpanel.domain.tld”/FE8A9A2259887B167FDC9822489CE041.txt">http://cpanel.domain.tld”/FE8A9A2259887B167FDC9822489CE041.txt</a>”, but the web server responded with the following error: 401 (Access Denied). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.

WARN The domain “webmail.domain.tld”” failed domain control validation: The system queried for a temporary file at “<a href="http://webmail.domain.tld”/744F1C450D0AF230D785F66E9C533F36.txt">http://webmail.domain.tld”/744F1C450D0AF230D785F66E9C533F36.txt</a>”, but the web server responded with the following error: 401 (Access Denied). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.

AutoSSL cannot add any new domains to SSL coverage for the website .domain.tld””.
The system has completed the AutoSSL check for “pmjcreations”.
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,254
463
Hello,

Have you blocked access to the document roots of the additional domain names added under this account? If so, you'd need to temporarily allow access to those websites in order for the AutoSSL validation process to succeed.

Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,254
463
Hello,

You could review the .htaccess file in the document root of one of the affected domain names to see what entries are added. Feel free to post the entries here in CODE tags, ensuring to remove any real domain names or IP addresses.

Thank you.
 

Jafar Muhammed

Active Member
Mar 21, 2017
31
3
8
India
cPanel Access Level
Root Administrator
One of the domains which I was testing had a .htaccess file.
I wrote conditions taken from Redirect HTTP to HTTPS automatically | GoDaddy Help IN
Code:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
But that condition is overwritten now with
Code:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Other domains don't have any .htaccess file
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,254
463
Hello,

Could you open a support ticket using the link in my signature so we can take a closer look and see why the domain validation process is failing for those domain names?

Thank you.