Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED AutoSSL & Remotely Hosted Domains?

Discussion in 'Security' started by ddovidenko, Jan 20, 2018.

Tags:
  1. ddovidenko

    ddovidenko Member

    Joined:
    Dec 13, 2006
    Messages:
    7
    Likes Received:
    1
    Trophy Points:
    153
    I'm getting AutoSSL failures that according to the error indicate no AutoSSL will be generated for any of the domain including www and the main domain itself. In this case the error is because I use google suite for the domain, so of course mail points to google's webmail. How can I tell AutoSSL to ignore subdomains that resolve to external servers and just renew the cert for the main domain?

    The system failed to fetch the DCV (Domain Control Validation) file at “http://mail.<redacted>.com/<redacted>” because of an error: The system failed to send an HTTP (Hypertext Transfer Protocol) “GET” request to “http://mail.<redacted>.com/<redacted>” because of an error: SSL connection failed for mail.google.com: SSL connect attempt failed because of handshake problems. The domain “mail.<redacted>.com” resolved to an IP address “<redacted>” that does not exist on this server.
    For the most current status, navigate to the “SSL/TLS Status” interface. You can also exclude domains from future renewal attempts, which would cease future notifications.
    The following domains will lose SSL coverage when the certificate expires:

    cpanel.<redacted>.com
    <redacted>.com
    mail.<redacted>.com
    webdisk.<redacted>.com
    webmail.<redacted>.com
    www.<redacted>.com
     
  2. Dryandra

    Dryandra Registered

    Joined:
    Mar 19, 2017
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    AutoSSL attempts to issue certificate which would covered all mentioned domain names. If some of domain names have A records which don't point to your server, they will fail DCV check. If domain name points to a server but DCV check is failed you need to investigate what causes that. Sometimes this is due to .htaccess files.
     
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,835
    Likes Received:
    85
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    This line here is the root cause of the issue. The domains that are hosted on the server and pointing properly to the same server are only considered for SSL generation via AutoSSL. Are these domain resolve to the proper IP address of the server/domain?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. ddovidenko

    ddovidenko Member

    Joined:
    Dec 13, 2006
    Messages:
    7
    Likes Received:
    1
    Trophy Points:
    153
    Guys I understand that the issue is that the subdomain points to an external server. That is the whole point of my post. I don't want AutoSSL generating SSL for external subdomains. I want it to make it for all the subdomains and main domain that DO point to the server. However the error is telling me it won't make any of them because of the one subdomain. That's what I'm trying to fix.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,277
    Likes Received:
    1,846
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. ddovidenko

    ddovidenko Member

    Joined:
    Dec 13, 2006
    Messages:
    7
    Likes Received:
    1
    Trophy Points:
    153
    cPanelMichael likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice