Generating AutoSSL certificate before pointing traffic to server

G

greatwitenorth

Member
Feb 28, 2014
15
1
3
cPanel Access Level
Root Administrator
We are currently migrating a website to our cpanel server. We only have file access to the website so I cannot access the existing SSL certificates. Also the origin server is not Cpanel so I cannot simply do a transfer.

My question is how can I generate a SSL certificate using autossl prior to pointing traffic to the new server? I do have access to the DNS records of the domain. Is there any way I can get cpanel to do the verification via a DNS record?
 
Anupam SG

Anupam SG

Active Member
Aug 29, 2018
44
17
8
Earth
cPanel Access Level
Root Administrator
Let's say your old server has the domain domain.xyz
You need to create a A record in the DNS zone with IP of the new server and assign the address subdomain.domain.xyz in that record.
So the new subdomain, is now on the new server; while the old website sits where it was.
Now run AutoSSL. It should install SSL for domain.xyz on the new server.
Ofcourse you need to change the sub-domain to domain in DNS when you want to move the traffic to the new server.
 
cPanelLauren

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,266
1,304
363
Houston
@Anupam SG is correct! Thanks!

greatwitenorth said:
OK that's good to know. I didn't realize that AutoSSL would install a certificate for the entire domain despite only having the subdomain pointed to the server. Thanks!
Click to expand...
It'll issue a cert for the subdomain not for the root domain unless you can prove ownership of the domain. Basically whichever domain is pointed to the server.
 
G

greatwitenorth

Member
Feb 28, 2014
15
1
3
cPanel Access Level
Root Administrator
cPanelLauren said:
@Anupam SG is correct! Thanks!



It'll issue a cert for the subdomain not for the root domain unless you can prove ownership of the domain. Basically whichever domain is pointed to the server.
Click to expand...
Is it possible to prove ownership without pointing the main domain to the new server? We're basically trying to avoid 10-15mins of users seeing a SSL warning once we point the domain to the new server. We'd like to get the SSL cert sorted before pointing the main domain.
 
cPanelLauren

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,266
1,304
363
Houston
Hi @greatwitenorth


It might be if the DNS records are hosted locally on the server but the issue is that the free SSL DCV process just won't provision a certificate for a domain that doesn't resolve to the server. There are a couple of solutions you might want to look at:

1. You might check to see if the current SSL certificate can be copied from the old server to the new server

2. You could implement something like CloudFlare which issues it's own free SSL certificate, so during the migration, you wouldn't really need to worry about timing of the provisioning of the certificate.


Thanks!
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
A AutoSSL not generating certificate for domains with previous external certificates (cPanel or ZeroSSL), even after expiration or deletion Security 1
G SOLVED AutoSSL not generating cert after 24 hours Security 9
S Generating AutoSSL Certificate Failing Security 1
C SOLVED AutoSSL generating certificate with multiple TLD's Security 5
Jafar Muhammed AutoSSL is generating a self signed certificate Security 6
Similar threads
AutoSSL not generating certificate for domains with previous external certificates (cPanel or ZeroSSL), even after expiration or deletion
SOLVED AutoSSL not generating cert after 24 hours
Generating AutoSSL Certificate Failing
SOLVED AutoSSL generating certificate with multiple TLD's
AutoSSL is generating a self signed certificate
Top Bottom