How to install the SSL certificate for all subdomains?

leobibiano

Member
Sep 7, 2020
24
5
3
Brazil
cPanel Access Level
DataCenter Provider
CPanel automatically installed the SSL certificate in the primary domain. So far so good (attached image).

However, the problem is in the subdomains. For example: sandbox.
In Manage SSL Hosts, everything is fine with the SSL from sandbox. (attached image). But when I access it through the browser, the "Not secure" message continues (image attached).

In another cPanel account that I used, the certificate was installed automatically and always contained the message "Secure". But I'm having problems with this one.

Could it be some misconfiguration? Can someone help me? I have access to the WHM root user.

Thank you.
 

Attachments

Last edited by a moderator:

kodeslogic

Active Member
Apr 26, 2020
37
8
83
India
cPanel Access Level
Root Administrator
Currently, the SSL you have on sandbox.patamar.app.br is self-signed certificate and not certificate authority (CA) issued for which the browser won't show a secure green padlock.

You can uninstall the current self-signed certificate and reinstall the SSL from AutoSSL option in WHM WHM > SSL-TLS > Manage AutoSSL

 

leobibiano

Member
Sep 7, 2020
24
5
3
Brazil
cPanel Access Level
DataCenter Provider
Currently, the SSL you have on sandbox.patamar.app.br is self-signed certificate and not certificate authority (CA) issued for which the browser won't show a secure green padlock.

You can uninstall the current self-signed certificate and reinstall the SSL from AutoSSL option in WHM WHM > SSL-TLS > Manage AutoSSL
Thanks for the answer.

I performed the procedure as instructed, now it appears that it was issued by cPanel but still the message "Not secure". (Attached image)
 

Attachments

kodeslogic

Active Member
Apr 26, 2020
37
8
83
India
cPanel Access Level
Root Administrator
From what I see AutoSSL is yet not installed for sub-domain sandbox.
 

Attachments

Last edited by a moderator:

leobibiano

Member
Sep 7, 2020
24
5
3
Brazil
cPanel Access Level
DataCenter Provider
From what I see AutoSSL is yet not installed for sub-domain sandbox.patamar.app.br
I'll tell you what procedures I did:

In cPanel, I entered Manage SSL Hosts, clicked on Unistall in the line where there was a certificate installed for sandbox.
Then, the line that included the installation of this subdomain disappeared.

Then I accessed WHM -> SSL / TLS -> Manage AutoSSL and clicked on Run AutoSSL For All Users. The message "AutoSSL is now checking all users. The process has ID 19138."

That's what I did. Is correct?
 
Last edited by a moderator:

kodeslogic

Active Member
Apr 26, 2020
37
8
83
India
cPanel Access Level
Root Administrator
Yes, that is correct. If there are many accounts then process ID 19138 may take some time, wait till it completes.
Just running AutoSSL for "patamar" only would be quicker.
 

leobibiano

Member
Sep 7, 2020
24
5
3
Brazil
cPanel Access Level
DataCenter Provider
Yes, that is correct. If there are many accounts then process ID 19138 may take some time, wait till it completes.
Just running AutoSSL for "patamar" only would be quicker.
I only have this account with this primary domain.
I checked the list of ongoing processes, ID 19138 is not there, I believe it has already been finalized.

Is there anything else that can be done?
 
Last edited by a moderator:

leobibiano

Member
Sep 7, 2020
24
5
3
Brazil
cPanel Access Level
DataCenter Provider
Please share AutoSSL logs for analysis.
***Moderator note: I've removed the log entries with the domain name but the primary error is the following:
Code:
WARN Sectigo HTTP DCV verification failure (www.ss.subdomain.tl.d): (XID zyrkx3) The system failed to set the permissions on “/home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation” to “0755” (as EUID: 1002, EGID: 1004 1004) because of the following error: Operation not permitted
 
Last edited by a moderator:

kodeslogic

Active Member
Apr 26, 2020
37
8
83
India
cPanel Access Level
Root Administrator
Please review the ownership values configured on the /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation directory to ensure they are owned by the account user and share output for the below command:

Code:
lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
 
  • Like
Reactions: cPanelLauren

cPanelLauren

Technical Support Community Manager
Staff member
Nov 14, 2017
13,041
1,206
313
Houston
@kodeslogic has the right of it, this isn't a DCV failure it looks like an ownership issue or an inability to modify the file within that directory.
 

leobibiano

Member
Sep 7, 2020
24
5
3
Brazil
cPanel Access Level
DataCenter Provider
Please review the ownership values configured on the /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation directory to ensure they are owned by the account user and share output for the below command:

Code:
lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
I tried to run the suggested code, but I received the following error:

Code:
lsattr: Permission denied while trying to stat /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
I ran it through the root user. I should have permission for everything, right?
 

kodeslogic

Active Member
Apr 26, 2020
37
8
83
India
cPanel Access Level
Root Administrator

leobibiano

Member
Sep 7, 2020
24
5
3
Brazil
cPanel Access Level
DataCenter Provider
Yes, As a root user you should have all permission.

You can contact a certified System Administrator to help you with this Or Open a ticket to cPanel Support Team
I think I managed to execute it by inserting the command "sudo" before the main one.

He returned to me like this:

Code:
---------------- /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
What do I do now? Do I try to run AutoSSL again?
 

kodeslogic

Active Member
Apr 26, 2020
37
8
83
India
cPanel Access Level
Root Administrator
Execute below two commands in the given sequence

Code:
cd /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/
find . -type d -exec chmod 755 {} \;
After this again check output it should as below
Code:
lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation

drwxr-xr-x /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
FYI: Use sudo if required.
 

leobibiano

Member
Sep 7, 2020
24
5
3
Brazil
cPanel Access Level
DataCenter Provider
Execute below two commands in the given sequence

Code:
cd /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/
find . -type d -exec chmod 755 {} \;
After this again check output it should as below
Code:
lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation

drwxr-xr-x /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
FYI: Use sudo if required.
I executed the commands as you instructed me.

Below are the returns:

Code:
[[email protected] patamar-adm]$ find . -type d -exec chmod 755 {} \;
[[email protected] patamar-adm]$ lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
---------------- /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
[[email protected] patamar-adm]$ drwxr-xr-x /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
-bash: drwxr-xr-x: command not found
[[email protected] patamar-adm]$
 

leobibiano

Member
Sep 7, 2020
24
5
3
Brazil
cPanel Access Level
DataCenter Provider
I think I solved it. I removed the pki-validation folder and started AutoSSL.
Apparently he created a new one, without permission problems.

I looked in my cPanel, all subdomains are valid AutoSSL now.
However, accessing through the browser still counts as "Not secure". Is it necessary to wait a while to be propagated?
 

kodeslogic

Active Member
Apr 26, 2020
37
8
83
India
cPanel Access Level
Root Administrator