The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL missing mail subdomains

Discussion in 'E-mail Discussions' started by dario2, Aug 8, 2017.

Tags:
  1. dario2

    dario2 Member

    Joined:
    Sep 21, 2002
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    151
    Hello,

    I run a cPanel hosting server with AutoSSL (Let's Encrypt). Until last week everything was running fine, but one day many customers started complaining that their e-mail clients where denying connection because of expired SSL certificates. In WHM I noticed many expired Let's Encrypt certificates, only to find out that Let's Encrypt TOS where updated and I had to agree to the new terms to re-enable AutoSSL cert renewal through WHM. Yeah, great.

    After that I thought life would get back to normal, but now the customers were complaining about certificate incompatibility errors. It turns out that AutoSSL is no longer generating certificates for mail.domain.tld. Also, the cert copies that dovecot and exim use are not being updated as well.

    So

    /var/cpanel/ssl/domain_tls/<domain.tld>/*

    certificate files get renewed, but the copies that exim and dovecot use, located at

    /var/cpanel/ssl/domain_tls/mail.<domain.tld>/*

    are still expired! Does anybody else have this problem?
     
  2. Eminds

    Eminds Well-Known Member

    Joined:
    Nov 10, 2016
    Messages:
    174
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    check if the certificates were renewed properly , you can check it through logs at WHM >> Manage Auto SSL >> Click on Logs

    Logs will give you an idea of whats happening.
     
  3. dario2

    dario2 Member

    Joined:
    Sep 21, 2002
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    151
    Thanks! I figured it out. It turns out that all mail.domain.tld server aliases had vanished from httpd.conf and /var/cpanel/userdata/* files. They should be there, according to this thread:

    Mail Subdomain added as alias to main domain in httpd.conf

    Luckily, I found a script that restores them:

    /usr/local/cpanel/scripts/add_mail_serveralias_to_userdata

    Then I had to "run Auto SSL for all users" through WHM.

    Why the mail.* aliases vanished in the first place, I have no clue!
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    I'm glad to see you were able to solve the issue. Thank you for updating us with the outcome.

    Is it possible the entries were manually removed from the userdata files by someone with root access to the server?

    Thank you.
     
Loading...

Share This Page