Jun 21, 2018
17
2
3
UK
cPanel Access Level
Root Administrator
I've deployed 2 fresh cPanel DNS Only boxes, let's call them ns1.mydomain.com and ns2.mydomain.com
I've followed the same process on both.

On ns2.mydomain.com the SSL is auto installed and is working nicely.
In "Manage Service SSL Certificates" in the "Certificate Properties" column it lists ns2.mydomain.com along with several subdomains of this, and x-x-x-x.cprapid.com

On ns1.mydomain.com, the SSL is not working. In the same area as above the "Certificate Properties" column just has "ns1.mydomain.com" and nothing else.

I've tried running "/usr/local/cpanel/bin/checkallsslcerts" but this does nothing.
If I click the "Browse Certificates" button several self-signed certificates show up. The only cPanel Inc certificate is for the xx-xx-xx-xx.cprapid.com with no mention of ns1.mydomain.com

I've checked the servers hostname both in cPanel and via CLI and it's correct. I've also rebooted the server a couple of times.

Thanks
 
Jun 21, 2018
17
2
3
UK
cPanel Access Level
Root Administrator
No errors... here's the output...

The system will check for the certificate for the “cpanel” service.
The system will attempt to verify that the certificate for the “cpanel” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “cpanel” service passed all checks.
The system will check for the certificate for the “exim” service.
The system will attempt to verify that the certificate for the “exim” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “exim” service passed all checks.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator
That's interesting - it looks to me, and this is a guess without seeing the server, that the hostname is not configured properly somewhere to use the ns1.domain.com name, so it is just scanning the SSL with the cprapid hostname.

Could you open a ticket with our team so we can investigate this?
 

ejsolutions

Well-Known Member
Jan 6, 2013
77
32
68
cPanel Access Level
Root Administrator
On this subject..
The checkallsslcert could do with a test for DNSOnly and not check for irrelevant subdomains/services, such as calendars/www/cpanel.
Just a thought.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator
The tool will check any domains that are setup on the server. If the domains don't exist, I don't think it checks them - as in, I don't believe we add in the other subdomains by default unless they have been created somewhere.