Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Domain failed domain control validation - domain does not resolve

Discussion in 'Security' started by Hays Sleiman, Mar 21, 2018.

Tags:
  1. Hays Sleiman

    Hays Sleiman Active Member

    Joined:
    Jan 19, 2016
    Messages:
    25
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    Hello,

    All of a sudden my AutoSSL on my WHM server is unable to resolve the domains for my accounts.

    I get the following error:

    Code:
     8:53:20 AM The website “domain.com.au”, owned by “cu140701”, has a faulty SSL certificate (OPENSSL_VERIFY:0:10:CERT_HAS_EXPIRED NOT_ALL_DOMAINS ALMOST_EXPIRED AUTOSSL_READY_FOR_RENEWAL). AutoSSL will attempt to replace this certificate.
     8:53:21 AM WARN The domain “mail.domain.com.au” failed domain control validation: “mail.domain.com.au” does not resolve to any IPv4 addresses on the internet.
    However, the mail.domain.com.au DNS entry for that account definitely points to the server and I can ping it just fine and it resolves to that same mail server.

    This server only hosts mail so all the accounts have websites on a different server but all their mail.domain A records resolve to this mail server.

    I haven't had an issue before but all of a sudden all the accounts that have expired SSL certs are having the same issue and the server gives the "does not resolve to any IPv4" error for all of them.

    My cPanel version is: 11.68.0.33

    Any help would be much appreciated :)

    Thank you.
     
  2. Hays Sleiman

    Hays Sleiman Active Member

    Joined:
    Jan 19, 2016
    Messages:
    25
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    This issue is happening to all the domains on the server. But I've SSH'd in to the server and ran curl and ping on one of the domains. It seems to be okay, yet when i run AutoSSL on it, it still says doesn't resolve to an IP4 address on this server. I don't understand and this issue is starting to be a problem because all our customers' emails are being ignored by Outlook because of the bad SSL cert.

    Here are the results for the commands:

    Code:
    [root@ms1 ~]# curl -v mail.domain.com.au
    * About to connect() to mail.domain.com.au port 80 (#0)
    *   Trying X.X.X.207...
    * Connected to mail.domain.com.au (X.X.X.207) port 80 (#0)
    > GET / HTTP/1.1
    > User-Agent: curl/7.29.0
    > Host: mail.domain.com.au
    > Accept: */*
    >
    < HTTP/1.1 200 OK
    < Date: Thu, 22 Mar 2018 10:53:29 GMT
    < Server: Apache
    < Content-Length: 623
    < Content-Type: text/html;charset=ISO-8859-1
    <
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
    <html>
     <head>
      <title>Index of /</title>
     </head>
     <body>
    <h1>Index of /</h1>
      <table>
       <tr><th valign="top">&nbsp;</th><th><a href="?C=N;O=D">Name</a></th><th><a href="?C=M;O=A">Last modified</a></th><th><a href="?C=S;O=A">Size</a></th><th><a href="?C=D;O=A">Description</a></th></tr>
       <tr><th colspan="5"><hr></th></tr>
    <tr><td valign="top">&nbsp;</td><td><a href="cgi-bin/">cgi-bin/</a>               </td><td align="right">2018-03-20 14:40  </td><td align="right">  - </td><td>&nbsp;</td></tr>
       <tr><th colspan="5"><hr></th></tr>
    </table>
    </body></html>
    * Connection #0 to host mail.domain.com.au left intact
    [root@ms1 ~]# ping mail.domain.com.au
    PING ms1.domain.com.au (X.X.X.207) 56(84) bytes of data.
    64 bytes from ms1.domain.com.au (X.X.X.207): icmp_seq=1 ttl=64 time=0.035 ms
    64 bytes from ms1.domain.com.au (X.X.X.207): icmp_seq=2 ttl=64 time=0.065 ms
    64 bytes from ms1.domain.com.au (X.X.X.207): icmp_seq=3 ttl=64 time=0.038 ms
    64 bytes from ms1.domain.com.au (X.X.X.207): icmp_seq=4 ttl=64 time=0.047 ms
    64 bytes from ms1.domain.com.au (X.X.X.207): icmp_seq=5 ttl=64 time=0.045 ms
    ^C
    --- ms1.serverpoint.com.au ping statistics ---
    5 packets transmitted, 5 received, 0% packet loss, time 3999ms
    rtt min/avg/max/mdev = 0.035/0.046/0.065/0.010 ms
    [root@ms1 ~]#
    Please any help would be appreciated. Thank you.
     
  3. Hays Sleiman

    Hays Sleiman Active Member

    Joined:
    Jan 19, 2016
    Messages:
    25
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    I have opened a support ticket for this issue, but any tips in the meantime would be great.
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    It looks like we've responded to the support ticket. I'll continue to monitor the ticket and update this thread with the outcome once it's complete.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    To update, it looks like this was determined to relate to an internal case associated with AutoSSL and certain CNAME records. It's fixed in cPanel & WHM version 70:

    Fixed case CPANEL-17973: Fix recursive DNS resolver’s handling of CNAME records.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice