Endless issues with AutoSSL

Operating System & Version
CentOS v7.9.2009 STANDARD standard
cPanel & WHM Version
106.0.8

nickatsados

Registered
Apr 7, 2020
2
0
1
Washington, DC
cPanel Access Level
DataCenter Provider
Hi there. Hoping someone can help me here. For the past few months, I have been encountering endless issues with my AutoSSL. Usually its one of three errors either one after another or a combination. I'm using a test website as an example as I am yet unable to install an SSL certificate via Sectigo AutoSSL:

1. ERROR “www.domain.com” is unmanaged. Verify registration and authoritative nameserver configuration for this domain or “domain.com” to correct this problem.
2. WARN Local HTTP DCV error (www.domain.com): “www.domain.com” does not resolve to any IP addresses on the internet.
3. The “cPanel (powered by Sectigo)” provider cannot currently accept incoming requests. The system will try again later.

1. This domain is managed and resolves to an IP address
2. Why can't cPanel provider accept incoming requests? Restarting Apache and DNS servers seem to help with this but is there a rate limiter? I've tried installing the SSL about 20 times now.
3. I've tried disabling the CSF firewall, CPHulk and server-side firewall, no changes.

I'm on LAMP stack, PHP 7.4, CSF, NGINX mod, Cloudflare to host DNS.

What am I missing here?
 

Attachments

Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,498
1,970
363
cPanel Access Level
Root Administrator
Hey there! I edited your post to remove the public URL for security reasons, but I also dont see any external problems with the DNS for that domain. However, it seems like there is some type of local issue that is keeping the DNS from being properly detected.

Can you run this command to see if that provides you with the correct nameservers for the domain?

Code:
/usr/local/cpanel/3rdparty/bin/perl -MCpanel::DnsRoots -MData::Dumper -e 'print Dumper(Cpanel::DnsRoots->new()->get_nameservers_for_domain("domain.com"));'
Just replace "domain.com" with your actual domain name there. If this is working properly as you have described, I believe this will show the Cloudflare nameservers.

If that works well, try this command from your server to confirm you can connect to the root nameservers:

Code:
for i in {a..m}; do echo -n "$i: "; dig +short $i.root-servers.net @$i.root-servers.net; done
That will just show a list of IPs in the output, one for each root nameserver.

If both of those work well and return the expected results, please submit a ticket to our team so we can do some more investigating on our end.