Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL where website is on another server

Discussion in 'Security' started by agentofkaos, Mar 8, 2017.

Tags:
  1. agentofkaos

    agentofkaos Member

    Joined:
    Mar 8, 2017
    Messages:
    7
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Australia
    cPanel Access Level:
    Reseller Owner
    I have set up AutoSSL with Comodo on my VPS and for most clients it has worked very well. However for one client we get the error
    Code:
    1:10:28 AM WARN The domain “xxx.com.au” failed domain control validation: The system queried for a temporary file at “<a href="http://www.xxx.com.au/F18DD258BA09746617E77C3AA2693375.txt">http://www.xxx.com.au/F18DD258BA09746617E77C3AA2693375.txt</a>”, which was redirected from “<a href="http://xxx.com.au/F18DD258BA09746617E77C3AA2693375.txt">http://xxx.com.au/F18DD258BA09746617E77C3AA2693375.txt</a>”. The web server responded with the following error: 404 (Not Found). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist. The domain “xxx.com.au” resolved to an IP address “yy.dd.ss.aa” that does not exist on this server. at bin/autossl_check.pl line 562.
    
    This is because the clients website is on another server. The result of this is that no one on this account can get their email using an iPhone- there is a message about a bad or missing certificate, but on current versions of IOS you can no longer tell the phone to ignore the issue.

    I've tried turning off AutoSSL for this customer but that didn't appear to work either. Does anyone have any suggestions on how to fix or alleviate this please?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You can remove existing certificates via:

    "WHM >> Manage SSL Hosts"

    Could you let us know the settings you entered when setting up email on iOS? Does the issue persist when removing the account and creating it again?

    Thank you.
     
  3. agentofkaos

    agentofkaos Member

    Joined:
    Mar 8, 2017
    Messages:
    7
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Australia
    cPanel Access Level:
    Reseller Owner
    Looks like there might be a different problem here than I thought.

    Here's the status- only 1 account is affected, all others are fine
    1. AutoSSL does appear to have placed the txt file correctly in the public_html folder for mail.domain.com.au but Comodo can't pick it up due to the error above. Maybe this is a DNS problem....
    2. All domains for this account appear in the 'pending queue' a week later but not in the log. So AutoSSL appears to have given up, but not removed the domains from the queue
    3. Removing the account from AutoSSL 'Manage Users' does not remove the domains from the pending queue
    4. As none of these domains have received a cert, they do not appear in 'Manage SSL Hosts'

    On an IOS device it seems that the account may be offering an SSL certificate, but as there is a name mismatch it cannot be trusted, and IOS now has no way of getting around that issue. That's not really the problem though, I believe that if we fix the cert issue the IOS issue will go away.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
Loading...

Share This Page