HELP: Potential reduced AutoSSL coverage

nvventul

Registered
Jul 12, 2021
2
0
1
United Kingdom
cPanel Access Level
Website Owner
I am a complete noob, so I would appreciate your help with an issue related to my firm's website. Since a couple of days ago I am receiving multiple daily emails with the message on Potential reduced AutoSSL coverage.

domain.com : AutoSSL would normally renew this certificate now, but 1 of the website’s secured domains just failed DCV. To provide you with more time to resolve this problem, AutoSSL will defer the renewal until Jul 14, 2021 at 12:00:00 AM UTC. After that time, AutoSSL will request a replacement certificate that excludes any domains that fail DCV. At the time of this notice, the certificate will expire in 4 days, 15 hours, 2 minutes, and 25 seconds.


AutoSSL did not renew the certificate for “domain.com”. You must take action to keep this site secure.

The “cPanel” AutoSSL provider could not renew the SSL certificate without a reduction of coverage because of the following problem:

DNS DCV: No local authority: “www.domain.com”; HTTP DCV: The system queried for a temporary file at “https://www.domian.com/.well-known/pki-validation/DA245D3A2D94314AAF49C0D3E0043E1B.txt”, which was redirected from “http://www.domain.com/.well-known/pki-validation/DA245D3A2D94314AAF49C0D3E0043E1B.txt”. The web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist. The domain “www.domain.com” resolved to an IP address “1.2.3.4” that does not exist on this server.


Can you please advise how to resolve this issue? If I understand correctly in a couple of days anyone that vistis my website will get security warning, which will greatly reduce my traffic.

Thank you for your help

Nick
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,923
912
313
cPanel Access Level
Root Administrator
Hey there! It looks like the https redirection is breaking the "www" portion of the domain, so you may want to check how the site is being redirected, as the AutoSSL verification checks do not work well with redirects in place.
 

nvventul

Registered
Jul 12, 2021
2
0
1
United Kingdom
cPanel Access Level
Website Owner
Many thanks for your quick answer. Can you please point me, is this redirection typically done at Squarespace or at hosting level - i.e. cPanel DNS Zone Editor? Are there any specific DNS entries to look for?
Cheers
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,923
912
313
cPanel Access Level
Root Administrator
That part I wouldn't be entirely sure on. It isn't something that would be related to DNS though, as it would most likely be in the .htaccess file for the domain, or even in the software you are using. For example, I use WordPress for one of my personal sites and I have the Really Simple SSL and that works just fine with AutoSSL.

You may want to speak with the host to see if they have more details on their end - if it is something on their side it is likely an issue they have run into before.