Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Hostname AutoSSL is not being renewed

Discussion in 'Security' started by kevinlevin, Dec 6, 2017.

Tags:
  1. kevinlevin

    kevinlevin Member

    Joined:
    Oct 27, 2011
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    Hello,

    On some of our servers hostname SSL is not being renewed while users SSL certificates are working properly.

    The following command:
    Code:
    /usr/local/cpanel/bin/checkallsslcerts
    is giving an error:

    Code:
    The system will check for the certificate for the “cpanel” service.
    The system will attempt to replace the self-signed certificate for the “cpanel” service with a signed certificate from the cPanel Store.
    The system will attempt to install a certificate for the “cpanel” service from the system ssl storage.
    None of the certificates in the system ssl storage were acceptable to use for the “cpanel” service.
    The system will attempt to install a certificate for the “cpanel” service from the cPanel store.
    [WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID ehzt2v) The system queried for a temporary file at “http://myhostname.com/.well-known/pki-validation/42FF3F380EC45A40DC099DA42C974D81.txt”, but the web server responded with the following error: 400 (Bad Request). A DNS (Domain Name System) or web server misconfiguration may exist.
    The system will check for the certificate for the “dovecot” service.
    The system will attempt to replace the self-signed certificate for the “dovecot” service with a signed certificate from the cPanel Store.
    The system will attempt to install a certificate for the “dovecot” service from the system ssl storage.
    None of the certificates in the system ssl storage were acceptable to use for the “dovecot” service.
    The system will check for the certificate for the “exim” service.
    The system will attempt to replace the self-signed certificate for the “exim” service with a signed certificate from the cPanel Store.
    The system will attempt to install a certificate for the “exim” service from the system ssl storage.
    None of the certificates in the system ssl storage were acceptable to use for the “exim” service.
    The system will check for the certificate for the “ftp” service.
    The system will attempt to replace the self-signed certificate for the “ftp” service with a signed certificate from the cPanel Store.
    The system will attempt to install a certificate for the “ftp” service from the system ssl storage.
    None of the certificates in the system ssl storage were acceptable to use for the “ftp” service.
    The contents of this file: myhostname.com/.well-known/pki-validation/42FF3F380EC45A40DC099DA42C974D81.txt
    [/B]
    is as follows:

    Code:
    Error 400: Bad Request
    
    No cPanel user controls a local domain called “myhostname.com”.
    Apache is also giving an error:

    Code:
    [Wed Dec 06 11:33:09.077491 2017] [cgi:error] [pid 18773] [client myip:47912] AH01215: 400: No cPanel user controls a local domain called \xe2\x80\x9cmyhostname.com\xe2\x80\x9d. at cgi-priv/get_local.cgi.pl line 147.: /usr/local/cpanel/cgi-priv/get_local.cgi
    
    Someone else with this problem?
     
    #1 kevinlevin, Dec 6, 2017
    Last edited by a moderator: Dec 6, 2017
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,827
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    This looks to relate to the lack of a cPanel account for the parent domain name associated with the server's hostname, however this bug should be resolved in newer versions of cPanel. Can you verify which version of cPanel is installed on this system?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. kevinlevin

    kevinlevin Member

    Joined:
    Oct 27, 2011
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    Hi,

    All are running latest version 68.0.19 and bug showed up only on renewing.

    Can you suggest a workaround?
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,827
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Could you open a support ticket using the link in my signature so we can take a closer look to see why domain validation is failing for the hostname?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice