Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED Correct DNS settings but AutoSSL Domain Validation failing

Discussion in 'Bind / DNS / Nameserver Issues' started by caroseuk, Jul 14, 2017.

Tags:
  1. caroseuk

    caroseuk Member

    Joined:
    Aug 4, 2015
    Messages:
    24
    Likes Received:
    5
    Trophy Points:
    3
    Location:
    United kingdom
    cPanel Access Level:
    Root Administrator
    Hi cPanel,

    We have a range of accounts on our WHM server (v.60 build 28). and have enabled AutoSSL for some of the accounts.

    The DNS records are all set up and correctly resolving for the domains (checked with dig and thrugh Google DNS)
    example.co.uk
    www.example.co.uk
    mail.example.co.uk


    However when running the autossl_check process (both through WHM gui and linux command line), we are returned with the following message:

    Code:
    Checking websites for “user” …
    
    The website “example.co.uk”, owned by “user”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    
    The domain “example.co.uk” failed domain control validation: “example.co.uk” does not resolve to any IPv4 addresses on the internet. at bin/autossl_check.pl line 526.
    
    The domain “www.example.co.uk" failed domain control validation: “www.example.co.uk” does not resolve to any IPv4 addresses on the internet. at bin/autossl_check.pl line 526.
    
    The domain “mail.example.co.uk” failed domain control validation: “mail.example.co.uk” does not resolve to any IPv4 addresses on the internet. at bin/autossl_check.pl line 526.
    
    The system has completed the AutoSSL check for “user”.
    After the check runs, there is a .well-known folder in in public_html, though it is empty. I can navigate to example.co.uk/.well-known and access it without issues.

    We have checked all cPanel documentation and we are at a loose end.

    Any advice?
     
    #1 caroseuk, Jul 14, 2017
    Last edited by a moderator: Jul 14, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Feel free to open a support ticket using the link in my signature so we can take a closer look to see why domain validation is failing for that domain name.

    Thanks!
     
  3. caroseuk

    caroseuk Member

    Joined:
    Aug 4, 2015
    Messages:
    24
    Likes Received:
    5
    Trophy Points:
    3
    Location:
    United kingdom
    cPanel Access Level:
    Root Administrator
    Hi Michael, thanks.

    For anyone else who may have the same issue, we had someone from support log in and do some troubleshooting. From cPanel's perspective there was an issue with resolving the majority of root-servers.net so performing the DNS queries were failing. A check for this was done by running the following command on the server:

    Code:
    for i in {a..m}; do echo -n "$i: "; dig +short $i.root-servers.net @$i.root-servers.net; done
    
    a: ;; connection timed out; no servers could be reached
    b: ;; connection timed out; no servers could be reached
    c: ;; connection timed out; no servers could be reached
    d: ;; connection timed out; no servers could be reached
    e: ;; connection timed out; no servers could be reached
    f: 192.5.5.241
    g: ;; connection timed out; no servers could be reached
    h: ;; connection timed out; no servers could be reached
    i: ;; connection timed out; no servers could be reached
    j: ;; connection timed out; no servers could be reached
    k: 193.0.14.129
    l: ;; connection timed out; no servers could be reached
    m: ;; connection timed out; no servers could be reached
    ----------------------------------------------------
    Which pointed us back to our server providers, who did some further investigation. It turns out the firewall was configured to only allow the first 512b in a response. Increasing this (1500b) fixed the issue and all domains now resolve as they should.

    Thanks for the support :)
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hi @caroseuk,

    I'm happy to see the issue is now solved. Thank you for updating us with the outcome.
     
Loading...

Share This Page