Autossl renewal in pending queue for days on multiple servers

garconcn

Well-Known Member
Oct 29, 2009
172
18
68
I use this API to queue domains in the AutoSSL pending queue, found that the ssl won't renew since Nov 23 on multiple servers. Is there an issue on cpanel autossl?

Code:
whmapi1 --output=jsonpretty   get_autossl_pending_queue

Code:
      "pending_certificates" : [
         {
            "order_item_id" : "1344489985",
            "request_time" : "2021-11-23T04:34:02Z",
            "dcv_method" : "http",
            "user" : "username",
            "domain" : "domain.com",
            "virtual_host" : "domain.com"
         },
 

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
1,045
111
118
Houston, TX
cPanel Access Level
Root Administrator
Hello! There are a few different AutoSSL-related issues at this time. Would it be possible for all of you to open tickets with cPanel using the link in my signature, or by asking your web hosting provider to do so? It will be easiest for us to help if we can confirm the exact issue on each host.

Thank you.
 

jamo99

Member
Sep 25, 2008
9
0
51
Are the issues perhaps related to this?

This was a ticket reply from Sectigo:

Thank you for contacting Sectigo Technical support.

Apologies for the delay in response.

The CA Browser (CA/B) Forum recently passed ballot SC45 regarding the use of file-based domain validation, also known as file auth, http token, http auth, or CA/B Forum Baseline Requirements methods 18 (3.2.2.4.18) and 19 (3.2.2.4.19).

This ballot disallows file-based domain validation for wildcard certificates and requires, when file-based DCV is employed, that it must take place for each individual SAN/fully qualified domain name (FQDN). Sectigo will implement this policy change beginning November 22, 2021.

The HTTP file needs to be created on the requested FQDN.

Domain Control Validation (DCV) using file-based validation policy change

Please let us know if you need any further support.

Regards,
Logan
SECTIGO - Technical Support Team.