The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL strange message about domain control validation

Discussion in 'Security' started by Thorsten H., Aug 9, 2016.

Tags:
  1. Thorsten H.

    Thorsten H. Active Member

    Joined:
    Jul 13, 2016
    Messages:
    30
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Germany
    cPanel Access Level:
    Root Administrator
    Hello,
    I start using AutoSSL by now but I have a problem with it: When I ran a check on a domain/user I get this message:
    WARN The domain “www.*.domain.de” has failed domain control validation (“www.*.domain.de” does not resolve to any IPv4 addresses on the internet.). at bin/autossl_check.pl line 434.

    That domain has some aliases but no sub-domains.
    I can setup a ping to www.*.domain.de (* changed to something normal like empty) and so server is responding.
    I also can call that URL with https:// but than I only get the "Dienst-SSL-Zertifikat" of the server.

    I don't know how to resolve the problem.

    Regards
    Thorsten
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    AutoSSL will not secure wildcard domains. Could you verify that no wildcard subdomain is added to this account? Also, please post the output from the following command:

    Code:
    grep '' /etc/redhat-release /usr/local/cpanel/version /var/cpanel/envtype
    Thank you.
     
  3. Thorsten H.

    Thorsten H. Active Member

    Joined:
    Jul 13, 2016
    Messages:
    30
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Germany
    cPanel Access Level:
    Root Administrator

    Hello Michael,



    I'm shure not to use wildcard subdomains. If you need them, I can send some screenshots.

    Here is the output of your code:
    /etc/redhat-release:CentOS release 6.8 (Final)
    /usr/local/cpanel/version:11.58.0.13
    /var/cpanel/envtype:kvm

    Good night from germany

    Thorsten
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It seems like leftover configuration data might exist for a previous wildcard entry associated with this domain name, as the AutoSSL feature should not attempt to validate "www.*.domain.de" if it does not exist as a domain name under the account. Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  5. Thorsten H.

    Thorsten H. Active Member

    Joined:
    Jul 13, 2016
    Messages:
    30
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Germany
    cPanel Access Level:
    Root Administrator
    OK, ticket opened
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    To update, internal case CPANEL-6147 is open to address an issue where certain rewrite conditions in .htaccess files prevent Let's Encrypt and Comodo from completing the domain validation process. I'll update this thread with more information on this case as it becomes available.

    In the meantime, users are encouraged to post examples of .htaccess rules that block Let's Encrypt or Comodo. This will help our developers better formulate a rule to temporarily exclude these vendors from existing .htaccess rules during the validation process.

    Additional information on testing the validation process is available at:

    cPanel & WHM’s AutoSSL/SSL ordering process

    If you notice a failure message, please post the failure message and your .htaccess rules here in CODE tags (ensuring to exclude identifying domain names or IP addresses).

    Thank you.
     
  7. Thorsten H.

    Thorsten H. Active Member

    Joined:
    Jul 13, 2016
    Messages:
    30
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Germany
    cPanel Access Level:
    Root Administrator
    Those htaccess-rules have block my Comodo-Installation/Update
    1. when using Wordpress and iThemes-Security
    RewriteCond %{HTTP_USER_AGENT} "^comodo" [NC,OR]

    2. redirect http to https at htaccess
    <ifmodule mod_rewrite.c="">
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    </ifmodule>

    or

    3. redirect 2
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]

    This can cause problems - did it at my domains
     
Loading...

Share This Page