Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED AutoSSL & Remotely Hosted Domains?

Discussion in 'Security' started by ddovidenko, Jan 20, 2018.

Tags:
  1. ddovidenko

    ddovidenko Member

    Joined:
    Dec 13, 2006
    Messages:
    7
    Likes Received:
    1
    Trophy Points:
    153
    I'm getting AutoSSL failures that according to the error indicate no AutoSSL will be generated for any of the domain including www and the main domain itself. In this case the error is because I use google suite for the domain, so of course mail points to google's webmail. How can I tell AutoSSL to ignore subdomains that resolve to external servers and just renew the cert for the main domain?

    The system failed to fetch the DCV (Domain Control Validation) file at “http://mail.<redacted>.com/<redacted>” because of an error: The system failed to send an HTTP (Hypertext Transfer Protocol) “GET” request to “http://mail.<redacted>.com/<redacted>” because of an error: SSL connection failed for mail.google.com: SSL connect attempt failed because of handshake problems. The domain “mail.<redacted>.com” resolved to an IP address “<redacted>” that does not exist on this server.
    For the most current status, navigate to the “SSL/TLS Status” interface. You can also exclude domains from future renewal attempts, which would cease future notifications.
    The following domains will lose SSL coverage when the certificate expires:

    cpanel.<redacted>.com
    <redacted>.com
    mail.<redacted>.com
    webdisk.<redacted>.com
    webmail.<redacted>.com
    www.<redacted>.com
     
  2. Dryandra

    Dryandra Registered

    Joined:
    Mar 19, 2017
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    AutoSSL attempts to issue certificate which would covered all mentioned domain names. If some of domain names have A records which don't point to your server, they will fail DCV check. If domain name points to a server but DCV check is failed you need to investigate what causes that. Sometimes this is due to .htaccess files.
     
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,734
    Likes Received:
    78
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    This line here is the root cause of the issue. The domains that are hosted on the server and pointing properly to the same server are only considered for SSL generation via AutoSSL. Are these domain resolve to the proper IP address of the server/domain?
     
  4. ddovidenko

    ddovidenko Member

    Joined:
    Dec 13, 2006
    Messages:
    7
    Likes Received:
    1
    Trophy Points:
    153
    Guys I understand that the issue is that the subdomain points to an external server. That is the whole point of my post. I don't want AutoSSL generating SSL for external subdomains. I want it to make it for all the subdomains and main domain that DO point to the server. However the error is telling me it won't make any of them because of the one subdomain. That's what I'm trying to fix.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,802
    Likes Received:
    1,714
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  6. ddovidenko

    ddovidenko Member

    Joined:
    Dec 13, 2006
    Messages:
    7
    Likes Received:
    1
    Trophy Points:
    153
    cPanelMichael likes this.
Loading...

Share This Page