frenziedfox

Active Member
Mar 9, 2010
35
5
58
Hi,

I've received this error twice now:

The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID 7ctsvt) The cPanel Store returned an error (X::TemporarilyUnavailable) in response to the request “POST ssl/certificate/whm-license/90-day”: We were unable to process your request. Please try again later.
1637145396395.png

But when I went in to 'Manage AutoSSL' and checked the logs it said everything was OK. I even tried running it manually and, again, it said everything is OK? No error caused.

Any idea what's causing this? Is it ok? I'd rather avoid getting errors due to lack of SSL certs if possible!

thanks,

Alex
 

Wallu

Active Member
Jan 13, 2020
34
7
8
Finland
cPanel Access Level
Root Administrator
It looks like this is an issue we are actively working on and is known. Please see the following article; does this sound like what you are both experiencing? If not, you may want to open a ticket with cPanel using the link in my signature.
No idea what that article is, and won't register yet to another system.

I just got 5th e-mail about the failure, so... what are we supposed to do here? It's fine until certs start to end, and then it's all hell.

As there are more than one getting the same error e-mail, I believe it's safe to say, the problem is on store end. Have you changed / added / closed any firewall ports on the store end or anything? I have very strict port rules and if yes, on my end it's most likely not open, so maybe something in that direction?

Any ideas, anyone?

EDIT: I could be wrong, but this has nothing to do with AutoSSL, or site certs. I guess this is about the WHM license itself..

So the problem lies between my WHM server and the cPanel Store. Lets work on that. As I asked above, have there been any IP/Port changes?

I have these:

Code:
--dport 2096 -j ACCEPT #webmail ssl
--dport 2089 -j ACCEPT #whm license
--dport 2087 -j ACCEPT #whm ssl
--dport 2083 -j ACCEPT #cpanel ssl
--dport 2078 -j ACCEPT #webdav ssl
--dport 2080 -j ACCEPT #caldav and carddav ssl
...let me know if there are changes I need to do.

- Wallu
 
Last edited:

frenziedfox

Active Member
Mar 9, 2010
35
5
58
It looks like this is an issue we are actively working on and is known. Please see the following article; does this sound like what you are both experiencing? If not, you may want to open a ticket with cPanel using the link in my signature.
cPanel SSL issued 90 day SSL certificates are renewed three days before expiration


Symptoms
90 day cPanel issued SSL certificates are renewed three days before expiration instead of 25 days
Description
When /usr/local/cpanel/bin/checkallsslcerts runs it thinks cPanel provided hostname certificates are third-party SSL certificates, which causes the SSL to be renewed three days prior to expiration.
We've opened an internal case for our development team to investigate this further. For reference, the case number is COBRA-13510. Follow this article to receive an email notification when a solution is published in the product.
Hi Anthony,

It don't really know, to be honest... but I wouldn't have said it was the same.

I saw one of my customer domains needed it's SSL certificate renewing at 13.xx days (I can't remember the days exactly!). I ran the script again and it had renewed the certificate fine so I'm happy that hostname certificates is working.

Looking at the SSL certificate for WHM it says it renewed 4 days ago... which is roughly how long it has been erroring for?

1637322060317.png

Shall I open a ticket?

Alex
 

frenziedfox

Active Member
Mar 9, 2010
35
5
58
Assuming no one changed anything else, it worked! I had no error this morning.

Did this first:
First, reset the hostname certificate to a self-signed one:

for service in ftp exim dovecot cpanel ; do whmapi1 --output=jsonpretty reset_service_ssl_certificate service=$service ;done

There was nothing in /var/cpanel/hostname_cert_csrs so I skipped this:
Next, move aside the old CSR (if it exists):

mv /var/cpanel/hostname_cert_csrs{,.cpbkp} -v

Then I ran the script.
Finally, run checkallsslcerts to order a new certificate:

/usr/local/cpanel/bin/checkallsslcerts
 

Wallu

Active Member
Jan 13, 2020
34
7
8
Finland
cPanel Access Level
Root Administrator
Code:
Please note, this certificate will still update once the certificate has reached 3 days before expiry.
Wonder if I should wait until 3-days left, or do the workaround too. I bet this "false-positive error" will be fixed in the future..
 

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
583
53
103
Houston, TX
cPanel Access Level
Root Administrator
Code:
Please note, this certificate will still update once the certificate has reached 3 days before expiry.
Wonder if I should wait until 3-days left, or do the workaround too. I bet this "false-positive error" will be fixed in the future..
It should update automatically, but it may be worth doing the workaround for the peace of mind.
 

rscalover

Well-Known Member
Dec 16, 2010
100
11
68
cPanel Access Level
Root Administrator
It looks like there were some temporary issues with the cPanel store. Are both of you getting this issue still?
nope i get this error right now .... why does it say this "The cPanel Store returned an error (X::TemporarilyUnavailable) in response to the request “POST ssl/certificate/whm-license/90-day”: We were unable to process your request. Please try again later" am i paying money for a trial licence ???????.
 

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
583
53
103
Houston, TX
cPanel Access Level
Root Administrator
nope i get this error right now .... why does it say this "The cPanel Store returned an error (X::TemporarilyUnavailable) in response to the request “POST ssl/certificate/whm-license/90-day”: We were unable to process your request. Please try again later" am i paying money for a trial licence ???????.
Thanks for the confirmation. It looks like this is still related to the incident in the following article still.

Can you confirm if this helps?
 

garconcn

Well-Known Member
Oct 29, 2009
164
15
68
Seems there's issue with autossl again since last night

4:28:23 PM Processing “username”’s local DCV results …
4:28:23 PM Analyzing “domain.com”’s DCV results …
4:28:23 PM AutoSSL will request a new certificate.
4:28:23 PM The system will attempt to renew the SSL certificate for (domain.com: domain.com www.domain.com mail.domain.com webmail.domain.com cpanel.domain.com webdisk.domain.com cpcontacts.domain.com cpcalendars.domain.com).
4:28:28 PM The cPanel Store received “domain.com”’s certificate order. (Order Item ID: 1345337345) The system will periodically poll the cPanel Store for the issued certificate and then install it after a successful retrieval.
The system has completed “username”’s AutoSSL check.
 

garconcn

Well-Known Member
Oct 29, 2009
164
15
68
Seems there's issue with autossl again since last night

4:28:23 PM Processing “username”’s local DCV results …
4:28:23 PM Analyzing “domain.com”’s DCV results …
4:28:23 PM AutoSSL will request a new certificate.
4:28:23 PM The system will attempt to renew the SSL certificate for (domain.com: domain.com www.domain.com mail.domain.com webmail.domain.com cpanel.domain.com webdisk.domain.com cpcontacts.domain.com cpcalendars.domain.com).
4:28:28 PM The cPanel Store received “domain.com”’s certificate order. (Order Item ID: 1345337345) The system will periodically poll the cPanel Store for the issued certificate and then install it after a successful retrieval.
The system has completed “username”’s AutoSSL check.