cPanel & WHM’s AutoSSL/SSL ordering process

cPTravis

Technical Analyst
Staff member
Jun 12, 2016
6
3
78
Houston
cPanel Access Level
Root Administrator
With the release of cPanel/WHM v.58 we've introduced a new feature called AutoSSL as well as the ability to purchase SSLs directly through the cPanel store. Customers and users of cPanel/WHM can now easily secure their websites! As with many new features, I am very excited about this one and I wanted to provide some further details and information on each steps of the SSL provisioning process. In particular, have you ever wondered why your SSL has not been issued or installed yet? The following information should help you ensure your system and websites are ready to be secured!

cPanel has partnered with Comodo to make these features happen and the SSLs themselves are being issued by Comodo. Our system interfaces with theirs to make the request for the certificate and to fetch it and install it on your website. When you purchase and order an SSL or when the AutoSSL system picks up that your domain requires an SSL, a request for the SSL gets sent to Comodo and a .txt file gets placed into the document root (typically your public_html folder) directory for your site. The file will have a unique name and a unique string of characters in it such as the following:

Code:
# cat CC20FCF2B56C2415C1EAD3EA2B153451.txt
7d79eda41d6305d274e012045d54dfe78656c40f
Once the vetting process for the SSL has gone through (this can take up to 24-48 hours, but is usually much quicker), Comodo will make an attempt to access the .txt file (using cURL) to ensure that they are able to retrieve the unique string contained within the file. The most common issue that we have seen regarding this process is that Comodo is not always able to retrieve this file due to .htaccess rules being in place to prevent either the Comodo User-Agent from reaching sites on your server or redirect rules being in place to prevent the cURL command from going through properly.
If you are waiting for a certificate to go through, two things that you can do to ensure that this process goes as smoothly as possible are:

1. Ensure that the following cURL command is able to retrieve the unique string in the .txt file:

Code:
curl --user-agent "COMODO DCV" --insecure --max-time 10 --retry 0 http://YOUR_DOMAIN.TLD/THE_TEXT_FILE.txt
2. Verify that Comodo’s IPs are able to reach your server. You may need to whitelist them in your firewall.

178.255.81.12
178.255.81.13
91.199.212.132
199.66.201.132

That’s basically it! Once Comodo is able to cURL the aforementioned URL, and retrieve the unique string of characters from it's file, it will issue the SSL to your server. From there, cPanel will automatically install the SSL for you and the process is completed!

Of course, if you have followed these steps and the SSL has still not been installed on your system, then our support staff is always available. Feel free to open a support ticket using the Submit A Support Ticket URL, ensuring you follow the guidelines from our Getting the Most From cPanel Support thread.