AutoSSL strange message about domain control validation

Thorsten H. · Aug 9, 2016

Hello,
I start using AutoSSL by now but I have a problem with it: When I ran a check on a domain/user I get this message:
WARN The domain “www.*.domain.de” has failed domain control validation (“www.*.domain.de” does not resolve to any IPv4 addresses on the internet.). at bin/autossl_check.pl line 434.

That domain has some aliases but no sub-domains.
I can setup a ping to www.*.domain.de (* changed to something normal like empty) and so server is responding.
I also can call that URL with https:// but than I only get the "Dienst-SSL-Zertifikat" of the server.

I don't know how to resolve the problem.

Regards
Thorsten

cPanelMichael · Aug 9, 2016

Thorsten H. said: ↑

That domain has some aliases but no sub-domains.
Click to expand...

Hello,

AutoSSL will not secure wildcard domains. Could you verify that no wildcard subdomain is added to this account? Also, please post the output from the following command:
Code:
grep '' /etc/redhat-release /usr/local/cpanel/version /var/cpanel/envtype
Thank you.

Thorsten H. · Aug 9, 2016

cPanelMichael said: ↑
Hello,

AutoSSL will not secure wildcard domains. Could you verify that no wildcard subdomain is addedto this account? Also, please post the output from the following command:
Code:
grep '' /etc/redhat-release /usr/local/cpanel/version /var/cpanel/envtype
Thank you.
Click to expand...
Hello Michael,

I'm shure not to use wildcard subdomains. If you need them, I can send some screenshots.

Here is the output of your code:
/etc/redhat-release:CentOS release 6.8 (Final)
/usr/local/cpanel/version:11.58.0.13
/var/cpanel/envtype:kvm

Good night from germany

Thorsten

cPanelMichael · Aug 9, 2016

Thorsten H. said: ↑

I'm shure not to use wildcard subdomains.
Click to expand...

It seems like leftover configuration data might exist for a previous wildcard entry associated with this domain name, as the AutoSSL feature should not attempt to validate "www.*.domain.de" if it does not exist as a domain name under the account. Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

Thank you.

Thorsten H. · Aug 10, 2016

cPanelMichael said: ↑

It seems like leftover configuration data might exist for a previous wildcard entry associated with this domain name, as the AutoSSL feature should not attempt to validate "www.*.domain.de" if it does not exist as a domain name under the account. Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

Thank you.
Click to expand...

OK, ticket opened

cPanelMichael · Aug 15, 2016

Hello,

To update, internal case CPANEL-6147 is open to address an issue where certain rewrite conditions in .htaccess files prevent Let's Encrypt and Comodo from completing the domain validation process. I'll update this thread with more information on this case as it becomes available.

In the meantime, users are encouraged to post examples of .htaccess rules that block Let's Encrypt or Comodo. This will help our developers better formulate a rule to temporarily exclude these vendors from existing .htaccess rules during the validation process.

Additional information on testing the validation process is available at:

cPanel & WHM’s AutoSSL/SSL ordering process

If you notice a failure message, please post the failure message and your .htaccess rules here in CODE tags (ensuring to exclude identifying domain names or IP addresses).

Thank you.

Thorsten H. · Aug 16, 2016

Those htaccess-rules have block my Comodo-Installation/Update
1. when using Wordpress and iThemes-Security
RewriteCond %{HTTP_USER_AGENT} "^comodo" [NC,OR]

2. redirect http to https at htaccess
<ifmodule mod_rewrite.c="">
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</ifmodule>

or

3. redirect 2
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]

This can cause problems - did it at my domains

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

AutoSSL strange message about domain control validation

Thorsten H. Active Member

cPanelMichael Technical Support Community Manager
Staff Member

Thorsten H. Active Member

cPanelMichael Technical Support Community Manager
Staff Member

Thorsten H. Active Member

cPanelMichael Technical Support Community Manager
Staff Member

Thorsten H. Active Member

AutoSSL on cPanel Service Proxies

AutoSSL DNS DCV fails for IPv6 subdomain

Potential reduced AutoSSL coverage for subdomain that doesn't exist?

AutoSSL cert for alias domain?

disabled autoSSL and set new certificates to access website

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

AutoSSL strange message about domain control validation

Thorsten H. Active Member

cPanelMichael Technical Support Community Manager Staff Member

Thorsten H. Active Member

cPanelMichael Technical Support Community Manager Staff Member

Thorsten H. Active Member

cPanelMichael Technical Support Community Manager Staff Member

Thorsten H. Active Member

AutoSSL on cPanel Service Proxies

AutoSSL DNS DCV fails for IPv6 subdomain

Potential reduced AutoSSL coverage for subdomain that doesn't exist?

AutoSSL cert for alias domain?

disabled autoSSL and set new certificates to access website

Share This Page

cPanelMichael Technical Support Community Manager
Staff Member

cPanelMichael Technical Support Community Manager
Staff Member

cPanelMichael Technical Support Community Manager
Staff Member