The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Free hostname certificates not updating

Discussion in 'Security' started by xanadu, Mar 3, 2017.

Tags:
  1. xanadu

    xanadu Member

    Joined:
    Sep 25, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    151
    For one of our VPS the Comodo certificate for the hostname, expired 4 days ago and the AutoSSL did not install the certificate and as a result we get security warnings when we attempt to log into WHM via HTTPS

    AutoSSL is working great on all our other servers and I cannot see any setting differences, I am hoping the brains trusts in this forum can give me a clue as to how to remedy this issue.
     
  2. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    588
    Likes Received:
    88
    Trophy Points:
    153
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    What happens if you run:

    Code:
    # /usr/local/cpanel/bin/checkallsslcerts
    Can you provide the output
     
  3. xanadu

    xanadu Member

    Joined:
    Sep 25, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    151
    Thyanks for your interest jcats.

    Unfortunately nothing happens when I run
    # /usr/local/cpanel/bin/checkallsslcerts, there is no output.
     
  4. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    588
    Likes Received:
    88
    Trophy Points:
    153
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    That usually is a good sign, that there is nothing left to do.

    Go into WHM > Service Configuration » Manage Service SSL Certificates

    Click reset on one of the services, then click "Apply Certificate to Another Service" on that same service and apply to all of them.

    Once that is done, then run

    Code:
    # /usr/local/cpanel/bin/checkallsslcerts
    again

    What version of cPanel are you running also?
     
  5. smurf

    smurf Member

    Joined:
    Jun 4, 2009
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    51
    We've experienced this issue as well with the latest cPanel 62.

    We resolved it using the steps below:

    1. Delete the old externally issued host name cert from the following locations:

    Code:
    /var/cpanel/ssl/domain_tls/
    Code:
    /var/cpanel/ssl/installed/
    2. Delete all 'mycpanel' .pem files from the following directory

    Code:
    /var/cpanel/ssl/cpanel/
    3. Run:
    Code:
    /usr/local/cpanel/bin/checkallsslcerts
    Open your WHM / cPanel and hopefully the expired SSL warnings will have gone and you'll see your cPanel issued hostname cert.
     
  6. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,451
    Likes Received:
    12
    Trophy Points:
    148
    cPanel Access Level:
    DataCenter Provider
    If you are having a problem getting a free hostname certificate to renew, please open a ticket in WHM or at cPanel Customer Portal with the output of:

    /usr/local/cpanel/bin/checkallsslcerts --verbose
     
  7. xanadu

    xanadu Member

    Joined:
    Sep 25, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    151
    Thanks everybody, it looks like a time issue: I checked all servers at 0500 AEST and the server that was out of step, no longer has an issue. I guess it was a cPanel timing issue!

    Cheers all.
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @xanadu,

    I'm happy to see you were able to address the issue.

    I encourage anyone else experiencing this issue to open a support ticket using the link in my signature, ensuring to include the output from the following command:

    Code:
     /usr/local/cpanel/bin/checkallsslcerts --verbose 
    You can also post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  9. Luke P

    Luke P Registered

    Joined:
    Mar 14, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane
    cPanel Access Level:
    Root Administrator
    Hi,

    I'm experiencing this issue. I just ordered a dedicated server last week and had to go through some DNS changes which only happened today after updating the nameservers.

    I've updated the hostname and tried many different steps with no luck.

    I have 2 other dedicated servers that have cPanel issued certs for the hostnames with no issues, so I am a bit puzzled.

    My output for the checkallsslcerts --verbose is as follows:

    The system will attempt to replace the self-signed certificate for the “dovecot” service with a signed certificate from the cPanel Store.
    The system will attempt to replace the self-signed certificate for the “cpanel” service with a signed certificate from the cPanel Store.
    The system will attempt to replace the self-signed certificate for the “ftp” service with a signed certificate from the cPanel Store.
    The system will attempt to replace the self-signed certificate for the “exim” service with a signed certificate from the cPanel Store.
    The cPanel Store is processing the hostname certificate request.
    The system will check the cPanel Store again the next time that “/usr/local/cpanel/bin/checkallsslcerts” runs.

    I've even run an update on cPanel as my host advised that the certs normally get done overnight but I can trigger this manually by running the cPanel update but still no luck.

    "/usr/local/cpanel/scripts/upcp"

    Is this just because the DNS is still updating as that was only done a few hours earlier?

    I do have a firewall on which I have restricted heavily due to the nature of the site to be hosted on it but I even disabled this during my investigation and updates etc with no luck.

    Thanks in advance for any guidance you can provide.


    P.S. Huge fan of cPanel / WHM and to be honest... I've never encountered something I couldn't resolve until now so I've never had a need to post. Seriously amazing work though peeps! :)
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    It's possible that's the reason. Can you confirm if the issue still persists at this time? If so, feel free to open a support ticket using the link in my signature if you'd like us to take a closer look.

    Thank you.
     
Loading...

Share This Page