I see many certificates are listed here at this page (WHM>>Service Configuration>>Manage Service SSL certificates) but all of them aren't workingHello,
The hostname SSL should automatically install on DNSOnly pending the hostname resolves. You can check this by going to WHM>>Service Configuration>>Manage Service SSL certificates (I believe that interface is present on DNS only as well, I don't have a server spun up with that on it right now and going off memory)
Ok fine, I read the new documentation..Actually, that's been updated on v84 by CPANEL-4727 in relation to the Feature Request here: https://jira.cpanel.net/browse/CPANEL-4727
It looks like this is still referenced in all the old documentation but it is not present in the new documentation:
The certificates you're showing me are all Self-Signed - if you run the following what is the output:
You can view this in our changelogs here: Change Logs - Change Logs - cPanel Documentation as well:
- Fixed case CPANEL-4727: Improve support for SSL hostname certificates on DNSONLY.
After I removed all the certificates in (certs & keys) folders, I tried to empty (ssl.db - ssl.db.cache) files too because the certificates were still appearing in WHMThe errors your received there are a result of port 80 being blocked. I believe we might have talked about this the other day and I told you, you wouldn't need it open, but in this instance (one I didn't think about) if the CNAME (DNS DCV) can't complete then the fallback is the HTTP request which must be completed over port 80.
Checking, the DNS record for your hostname there is indeed no CNAME record present.
The certs are present at:
I'd suggest if you do remove them, running the following immediately after:
Did you resolve the issue with port 80 or the CNAME record which is the reason why the certificate wasn't issued?But now, I still don't have any SSL certificates
I have a backup from (ssl.db), I can restore it and run the script commands again if you want.Right, you should not have tried to remove that database. It should have rebuilt it based on the output though.
As far as
Did you resolve the issue with port 80 or the CNAME record which is the reason why the certificate wasn't issued?
Yes, it was attempting to install a self-signed certificate.
You certainly can, if that's what you'd like to do. DCV checks would still need to be done as well as cPsrvd would still need to be started though so you'd run into the same issue you are experiencing with the Free Signed Sectigo certificate the system is attempting to provision.I can purchase a sentigo/commodo SSL and use it in the DNS server if there is an issue with the self-signed certificate..!
Ok, I understand you.cPanel error log should be located at
You certainly can, if that's what you'd like to do. DCV checks would still need to be done as well as cPsrvd would still need to be started though so you'd run into the same issue you are experiencing with the Free Signed Sectigo certificate the system is attempting to provision.
|Thread starter||Similar threads||Forum||Replies||Date|
|1||SOLVED cpanel login after AnonmousFox hack||Security||5|
|H||Cpanel Password changed Automatically||Security||3|
|H||Cpanel can't run my source code properly||Security||2|
|F||Block countries in cpanel||Security||2|
|T||Digital certificate for cPanel and Wordpress using wildcard||Security||5|