The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL: The certificate is not available. (processing)

Discussion in 'Security' started by jaxcon, Aug 16, 2016.

Tags:
  1. jaxcon

    jaxcon Registered

    Joined:
    Aug 16, 2016
    Messages:
    2
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    I enabled AutoSSL using Comodo and had several domains where the enrollment resulted in AutoSSL checking for a certificate every 5 minutes but is reporting the following message in the log:

    The certificate is not available. (processing)

    Though it has been checking for the past week, it continues to be unable to retrieve a certificate.

    Can I cancel or delete these certificate requests so that it doesn't continue to poll for a certificate every 5 minutes that isn't going to resolve and start over with a new certificate request?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. Nathan Reid

    Nathan Reid Registered

    Joined:
    Aug 17, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane, Australia
    cPanel Access Level:
    Root Administrator
    I'm having the same issue with an order polling every 5 minutes with "The certificate is not available. (processing)". I also have 3 in progress orders which haven't changed status in over 12 hours.
     
  4. jaxcon

    jaxcon Registered

    Joined:
    Aug 16, 2016
    Messages:
    2
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    Hi Michael -

    Yes, attached is the log output (I've attached a text file since it contains 3,000+ lines).

    I also replaced the cPanel username with cpaneluser, the domain name with domain.com and the order number with 11111111.

    Thanks for taking a look.
     

    Attached Files:

    Nathan Reid likes this.
  5. nt81

    nt81 Registered

    Joined:
    Aug 17, 2016
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane, Australua
    cPanel Access Level:
    Root Administrator
    I have a similar issue.

    I have a VPS with approx 30 sites on it and most of them received AutoSSL certificates when the WHM update came through and I enabled it. However I have one hosting particular that I've been waiting on for about a week now and it refuses to install as per the issues mentioned above.

    The only thing different to my other domains is that this one has another domain parked (main .com.au and secondary .com) on the same cpanel account so I'm not sure if that is related to the issue.

    I would love to find a solution for this.

    Every time I check the domain, I just get this in the log :

    Code:
    8:57:18 AM This system has AutoSSL set to use “cPanel (powered by Comodo)”.
    8:57:18 AM Checking websites for “redacted” …
    8:57:18 AM The website “<redacted>.com.au”, owned by “redacted”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    8:57:18 AM The system will attempt to renew SSL certificates for the following websites:
    8:57:18 AM <redacted>.com.au (<redacted>.com <redacted>.com.au .com" target="_blank" class="externalLink ProxyLink" data-proxy-href="http://www..com" rel="nofollow">www.<redacted>.com .com.au" target="_blank" class="externalLink ProxyLink" data-proxy-href="http://www..com.au" rel="nofollow">www.<redacted>.com.au)
    8:57:23 AM The system has completed the AutoSSL check for “redacteduser”.
    8:57:23 AM The system has finished checking 1 user.
    8:59:02 AM Polling for “redacted”’s new certificate for “<redacted>.com.au” (order item ID “12411789”) …
    8:59:03 AM The certificate is not available. (processing)
    9:04:01 AM Polling for “redacted”’s new certificate for “<redacted>.com.au” (order item ID “12411789”) …
    9:04:02 AM The certificate is not available. (processing)
    9:09:01 AM Polling for “redacted”’s new certificate for “<redacted>.com.au” (order item ID “12411789”) …
    9:09:02 AM The certificate is not available. (processing)
    
    
     
    #5 nt81, Aug 17, 2016
    Last edited by a moderator: Aug 17, 2016
  6. nt81

    nt81 Registered

    Joined:
    Aug 17, 2016
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane, Australua
    cPanel Access Level:
    Root Administrator
    And this, every 5 minutes for the past 6 hours. What's going on guys?
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    The following utility runs every five minutes as part of a cron job to see if a certificate has been processed:

    Code:
    /usr/local/cpanel/bin/autossl_check_cpstore_queue
    This should not result in any CPU/Memory issues on your system, but let us know if that's happening. Your system will automatically stop attempting to retrieve a certificate after 86400 seconds (1 day), so if it hasn't been issued within this time, it's removed from the queue and you will no longer see the "processing" message.

    The troubleshooting steps to see why a certificate was not validated are available at:

    cPanel & WHM’s AutoSSL/SSL ordering process

    Let me know if this information helps, or if you have any additional questions.

    Thank you.
     
    eva2000 likes this.
  8. Nathan Reid

    Nathan Reid Registered

    Joined:
    Aug 17, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane, Australia
    cPanel Access Level:
    Root Administrator
    Seems my system is still attempting to retrieve the certificate 5 days later. The log is huge. Is there any support I can get to help with this issue?
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Feel free to open a support ticket using the link in my signature and we can take a closer look. You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  10. nt81

    nt81 Registered

    Joined:
    Aug 17, 2016
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane, Australua
    cPanel Access Level:
    Root Administrator
    Yeah, that was basically no help at all but thanks.

    For one hosting account on my VPS it just would NOT install an autoSSL and has been trying daily for the past couple of weeks and I gave up in disgust for a while.

    Code:
    [SIZE=3][B]Log for the AutoSSL run for “redacted”: Saturday, September 10, 2016 8:20:32 AM GMT+1000 (cPanel (powered by Comodo))[/B][/SIZE]
    10:20:32 PM This system has AutoSSL set to use “cPanel (powered by Comodo)”.
    10:20:32 PM Checking websites for “redacted” …
    10:20:32 PM The website “redacted.com.au”, owned by “redacted”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    10:20:33 PM The system will attempt to renew SSL certificates for the following websites:
    10:20:33 PM redacted.com.au (redacted.com redacted.com.au [URL='http://www.redacted.com']www.redacted.com[/URL] [URL='http://www.redacted.com.au']www.redacted.com.au[/URL])
    10:20:33 PM The system has completed the AutoSSL check for “redacted”.
    10:20:33 PM The system has finished checking 1 user.
    
    basically this would time out EVERY time.

    I found a solution so hopefully this helps someone else.

    Run this command in your console and see what it says :
    /usr/local/cpanel/bin/autossl_check_cpstore_queue

    At first mine said

    Code:
    Polling for “redacted”’s new certificate for “redacted.com.au” (order item ID “12411789”) …
    The certificate is not available. (revoked)
    The request for a certificate for the website “redacted.com.au” has taken more than the allowed time (8 days). The system will no longer track this request. at bin/autossl_check_cpstore_queue.pl line 246.
    Cpanel::Exception/(XID zdr6ck) You do not have a document root for the domain “redacted.com”.
    at /usr/local/cpanel/Cpanel/Market/Provider/cPStore.pm line 607.
            Cpanel::Market::Provider::cPStore::_get_preparation_for_csr("-----BEGIN CERTIFICATE REQUEST-----\x{a}MIIC3DCCAcQCAQAwHTEbMBkGA"...) called at /usr/local/cpanel/Cpanel/Market/Provider/cPStore.pm line 394
            Cpanel::Market::Provider::cPStore::undo_domain_control_validation_preparation("csr", "-----BEGIN CERTIFICATE REQUEST-----\x{a}MIIC3DCCAcQCAQAwHTEbMBkGA"...) called at bin/autossl_check_cpstore_queue.pl line 255
            bin::autossl_check_cpstore_queue::_process_user(bin::autossl_check_cpstore_queue=HASH(0x2ed8fa0), "redacted") called at bin/autossl_check_cpstore_queue.pl line 129
            bin::autossl_check_cpstore_queue::__ANON__() called at /usr/local/cpanel/3rdparty/perl/522/lib64/perl5/cpanel_lib/Try/Tiny.pm line 80
            eval {...} called at /usr/local/cpanel/3rdparty/perl/522/lib64/perl5/cpanel_lib/Try/Tiny.pm line 71
            Try::Tiny::try(CODE(0x31b63a0), Try::Tiny::Catch=REF(0x267d098)) called at bin/autossl_check_cpstore_queue.pl line 141
            bin::autossl_check_cpstore_queue::_run_maybe_captured(bin::autossl_check_cpstore_queue=HASH(0x2ed8fa0)) called at bin/autossl_check_cpstore_queue.pl line 80
            bin::autossl_check_cpstore_queue::__ANON__() called at /usr/local/cpanel/Cpanel/CaptureFH.pm line 50
            Cpanel::CaptureFH::do_with_output_captured_to_path_if_non_tty("/usr/local/cpanel/logs/error_log", CODE(0x2ed9000)) called at bin/autossl_check_cpstore_queue.pl line 81
            bin::autossl_check_cpstore_queue::run(bin::autossl_check_cpstore_queue=HASH(0x2ed8fa0)) called at bin/autossl_check_cpstore_queue.pl line 64
    
    Which made me realise that I didn't have the .com domain parked on the cPanel account correctly

    Once I re-added that in, I tried again and success!

    /usr/local/cpanel/bin/autossl_check_cpstore_queue

    Code:
    Polling for “redacted”’s new certificate for “redacted.com.au” (order item ID “13533889”) …
    The certificate is available. The system will now attempt to install it.
    The certificate is now installed!
    
    
    Auto SSL Log :
    Code:
    [SIZE=3][B]Log for the AutoSSL run for “redacted”: Saturday, September 10, 2016 8:22:05 AM GMT+1000 (cPanel (powered by Comodo))[/B][/SIZE]
    10:22:05 PM This system has AutoSSL set to use “cPanel (powered by Comodo)”.
    10:22:05 PM Checking websites for “redacted” …
    10:22:05 PM The website “redacted.com.au”, owned by “redacted”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    10:22:06 PM The system will attempt to renew SSL certificates for the following websites:
    10:22:06 PM redacted.com.au (redacted.com redacted.com.au [URL='http://www.redacted.com']www.redacted.com[/URL] [URL='http://www.redacted.com.au']www.redacted.com.au[/URL])
    10:22:12 PM The system has completed the AutoSSL check for “redacted”.
    10:22:12 PM The system has finished checking 1 user.
    10:22:15 PM Polling for “redacted”’s new certificate for “redacted.com.au” (order item ID “13533889”) …
    10:22:16 PM The certificate is not available. (processing)
    10:22:23 PM Polling for “redacted”’s new certificate for “redacted.com.au” (order item ID “13533889”) …
    10:22:24 PM The certificate is not available. (processing)
    10:25:01 PM Polling for “redacted”’s new certificate for “redacted.com.au” (order item ID “13533889”) …
    10:25:02 PM The certificate is not available. (processing)
    10:27:30 PM Polling for “redacted”’s new certificate for “redacted.com.au” (order item ID “13533889”) …
    10:27:31 PM The certificate is available. The system will now attempt to install it.
    10:27:36 PM SUCCESS The certificate is now installed!
    
    It would be nice if some of that log file feedback could flow back into the AutoSSL log guys !
    My solution was right under my nose but I needed more log information to work it all out.

    Hope this helps someone else!
     
    #10 nt81, Sep 9, 2016
    Last edited by a moderator: Sep 9, 2016
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you verify the specific log file location you are using, in addition to the specific event you would like added to this log file?

    Thank you.
     
  12. realtech

    realtech Registered

    Joined:
    Mar 13, 2013
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I'm having the same issue:
    The certificate is not available. (processing)
    I opened a ticket 7821769
     
    #12 realtech, Oct 24, 2016
    Last edited by a moderator: Oct 24, 2016
  13. realtech

    realtech Registered

    Joined:
    Mar 13, 2013
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    It finally worked! It took about 3 hours. I had to add Comodo's IPs to my Allow list in csf firewall and I had to uncheck the Enable HackRepair.com's blacklist feature in the iThemes Security plugin in Wordpress.

    Now looking to find out how to get one of these installed where there is currently a paid SSL.....
     
  14. realtech

    realtech Registered

    Joined:
    Mar 13, 2013
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I deleted the SSL in Manage SSL Hosts area of WHM, then in Manage AutoSSL/Manage Users clicked the 'check' button and it worked great.
     
  15. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    I'm happy to see it's now working well. Thank you for updating us with the outcome.
     
Loading...

Share This Page