SOLVED Failing to acquire SSL on DNSONLY server

Noxwaste

Registered
Mar 3, 2022
3
1
3
United Statues
cPanel Access Level
Root Administrator
Not sure if this is the right forum, but I currently have two DNSONLY servers setup for my nameservers: ns1.domain.com and ns2.domain.com. The NS1 DNSONLY server acquired an SSL certificate without any issues. However on the NS2 server, since I set it up about a month ago, it has failed to get an SSL every night and I get an e-mail every night with the following info:

The system failed to acquire a signed certificate from the cPanel Store because of the following error: The system failed to acquire a signed certificate from the cPanel Store. at bin/checkallsslcerts.pl line 653.

Can someone point me in the right direction of which log files you might need, as well as how to go about getting this resolved? From what I can tell, the server is setup fine as I followed all of the exact same instructions for NS2 as I did for NS1.

Thanks!
 

Maxin John

Member
Jan 5, 2022
5
8
3
India
cPanel Access Level
Root Administrator
HI,
1) make sure the A record/cnames are correctly pointed to the server
2) make sure the hostname is correct ( fully qualified domain name )
3) then try to install ssl using following command
Code:
  /usr/local/cpanel/bin/checkallsslcerts
 

Noxwaste

Registered
Mar 3, 2022
3
1
3
United Statues
cPanel Access Level
Root Administrator
I went through and checked everything. Here is the info:

1. All DNS entries are correct and present. I checked inside of WHM's DNS Zone Manager and both ns1.domain.com and ns2.domain.com match exactly, except for the IP addresses, which both have different public IP addresses.

2. The hostname looks like this:

[[email protected] ~]# hostnamectl
Static hostname: ns2.domain.com
Icon name: computer-vm
Chassis: vm
Machine ID: 0217712f4e6c47908a53ba7609105463
Boot ID: 4ffc906d9e8b4b36a0423927c1060012
Virtualization: qemu
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-1160.59.1.el7.x86_64
Architecture: x86-64
[[email protected] ~]# hostname
ns2.domain.com


3. And the output from your command gives me this:

[[email protected] ~]# /usr/local/cpanel/bin/checkallsslcerts
The system will check for the certificate for the “cpanel” service.
The system will attempt to replace the self-signed certificate for the “cpanel” service with a signed certificate from the cPanel Store.
The system will attempt to install a certificate for the “cpanel” service from the system ssl storage.
None of the certificates in the system ssl storage were acceptable to use for the “cpanel” service.
The system will attempt to install a certificate for the “cpanel” service from the cPanel store.
[WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: The system failed to acquire a signed certificate from the cPanel Store. at bin/checkallsslcerts.pl line 653.

The system will check for the certificate for the “exim” service.
The system will attempt to replace the self-signed certificate for the “exim” service with a signed certificate from the cPanel Store.
The system will attempt to install a certificate for the “exim” service from the system ssl storage.
None of the certificates in the system ssl storage were acceptable to use for the “exim” service.
 

Noxwaste

Registered
Mar 3, 2022
3
1
3
United Statues
cPanel Access Level
Root Administrator
Waaaaiiiiittttttt I think I got it figured out. I did a Google search for the error and found this thread and response:


Figuring it couldn't mess anything up anymore, I went ahead and ran the command:

mv /var/cpanel/hostname_cert_csrs{,.cpbkp} -v ‘/var/cpanel/hostname_cert_csrs’ -> ‘/var/cpanel/hostname_cert_csrs.cpbkp’

Once that renamed the hostname_cert_csrs directory, I ran the following command:

/usr/local/cpanel/bin/checkallsslcerts --verbose

Everything went through just fine, and it looks as if my ns2 server now has the signed certificate. Thanks for sort of leading me in the right direction!
 
  • Like
Reactions: cPRex