SOLVED AutoSSL issue, not working on browsers

Operating System & Version
Centos 7.9 kvm
cPanel & WHM Version
v98.0.8

gfserver

Active Member
Feb 18, 2015
38
6
58
cPanel Access Level
Root Administrator
Hello,

When is added a new domain or subdomain in my cPanel / WHM VPS, the AutoSSL ( cPanel (powered by Sectigo) the SSL certificated is succesfully generated but when we open the https:// URL in browsers it is showing "not secure" site even after 24 hours.

We check auto SSL log and it's ok, for example:


[B]Log for the AutoSSL run for “user”: Wednesday, September 22, 2021 2:08:53 PM GMT-0400 (cPanel (powered by Sectigo)) [/B]

2:08:53 PM AutoSSL’s configured provider is “cPanel (powered by Sectigo)”.
This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log.
Analyzing “user”’s domains …
2:08:53 PM Analyzing “subdomain.domain.com” (website) …
2:08:53 PM SUCCESS TLS Status: OK
Certificate expiry: 12/22/21, 12:00 AM UTC (90.24 days from now)
2:08:53 PM Analyzing “domain.com” (website) …
2:08:53 PM SUCCESS TLS Status: OK
Certificate expiry: 12/9/21, 12:00 AM UTC (77.24 days from now)
2:08:53 PM SUCCESS This user’s SSL coverage is already optimal.


Running in SSH "/usr/local/cpanel/bin/autossl_check --user username" output:


AutoSSL’s configured provider is “cPanel (powered by Sectigo)”.
This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log.
Analyzing “user”’s domains …
Analyzing “subdomain.domain.com” (website) …
TLS Status: OK
Certificate expiry: 12/22/21, 12:00 AM UTC (90.21 days from now)
Analyzing “domain.com” (website) …
TLS Status: OK
Certificate expiry: 12/9/21, 12:00 AM UTC (77.21 days from now)
This user’s SSL coverage is already optimal.



And we are receiving the SSL installation email correctly

We have solved this manually opening atuo ssl in user's individual cpanel -> SSL/TLS status -> select new domain or subdomain -> update -> autofill.

But is not normal.

Any ideas please?

Thanks very much in advance
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,442
1,004
313
cPanel Access Level
Root Administrator
Hey there! Without showing the domain name or any personal info, could you provide a screenshot of what you're seeing on the browser side? That's the main thing I'd need to see to be able to provide you with better details on this issue.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,442
1,004
313
cPanel Access Level
Root Administrator
That's good to know - everything on the AutoSSL side is working well, but the Apache restarts are likely delayed. Does this system have piped logging enabled, or maybe another tool like Nginx as well?

It still might be worth submitting a ticket as installing an SSL is one of the actions where I would expect an Apache restart to happen immediately.
 

gfserver

Active Member
Feb 18, 2015
38
6
58
cPanel Access Level
Root Administrator
Hello, we use Nginx.

About piped logging , I don't know what it is....

I will add a new domain right now, let me see what happens
 

gfserver

Active Member
Feb 18, 2015
38
6
58
cPanel Access Level
Root Administrator
Hello, new domain added and SSL certificate immediately installed successfully, incredible.

I will be in touch if the issue appears again.

Thanks!
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,442
1,004
313
cPanel Access Level
Root Administrator
You're always welcome to open a ticket - no need for my permission on that!

It looks like we gave you some advice about the wildcard certificates we found and you're doing some testing with that, but I'm following along with this on my end as well now.
 

gfserver

Active Member
Feb 18, 2015
38
6
58
cPanel Access Level
Root Administrator
Hello @cPRex , that is correct.

Uninstalling an installing Engintron fixed the problem.

But we will be checking if the problem persists.

Thanks very much for your support

Regards