The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Let's encrypt AutoSSL check failing

Discussion in 'Security' started by Vijai, Aug 18, 2016.

  1. Vijai

    Vijai Member

    Joined:
    Jul 2, 2016
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,
    I turned on autoSSL for one of cpanel users in whm and then ran the check and then its throwing me few errors on subdomains which I havent even created. The error is below:

    - Removed Please edit all actual domain names from output before posting -

    How could I solve this thing?

    Here is the error with domain name replaced:

    Code:
    [CODE]2:24:02 AM This system has AutoSSL set to use “Let’s Encrypt™”.
    2:24:02 AM Checking websites for “user” …
    2:24:04 AM The website “wiki.maindomain.com”, owned by “user”, has a valid SSL certificate, but additional SSL coverage may be possible for the domain “www.wiki.maindomain.com”. The system will attempt to replace this certificate with one that includes this additional domain.
    2:24:04 AM The website “addon1.maindomain.com”, owned by “user”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    2:24:04 AM The website “maindomain.com”, owned by “user”, has a valid SSL certificate, but additional SSL coverage may be possible for the domain “ipv6.maindomain.com”. The system will attempt to replace this certificate with one that includes this additional domain.
    2:24:04 AM WARN The domain “addon1.com” has failed domain control validation (The content “<html><head><META HTTP-EQUIV="refresh" CONTENT="0;URL=/cgi-sys/defaultwebpage.cgi"></head><body></body></html>” of the <abbr title="Domain Control Validation">DCV</abbr> file, as accessed at “<a href="http://addon1.com25914.BIN_AUTOSSL_CHECK_PL__.iDZNUwGuVZK2VqC0.tmp">http://addon1.com25914.BIN_AUTOSSL_CHECK_PL__.iDZNUwGuVZK2VqC0.tmp</a>” and redirected from “<a href="http://addon2.com/25914.BIN_AUTOSSL_CHECK_PL__.iDZNUwGuVZK2VqC0.tmp">http://addon2.com/25914.BIN_AUTOSSL_CHECK_PL__.iDZNUwGuVZK2VqC0.tmp</a>”, did not match the expected value.). at bin/autossl_check.pl line 449.
    2:24:04 AM WARN The domain “www.addon2.com” has failed domain control validation (The content “<html><head><META HTTP-EQUIV="refresh" CONTENT="0;URL=/cgi-sys/defaultwebpage.cgi"></head><body></body></html>” of the <abbr title="Domain Control Validation">DCV</abbr> file, as accessed at “<a href="http://addon1.com25914.BIN_AUTOSSL_CHECK_PL__.6Z9d1Bs7SjHn1rCt.tmp">http://addon1.com25914.BIN_AUTOSSL_CHECK_PL__.6Z9d1Bs7SjHn1rCt.tmp</a>” and redirected from “<a href="http://www.addon2.com/25914.BIN_AUTOSSL_CHECK_PL__.6Z9d1Bs7SjHn1rCt.tmp">http://www.addon2.com/25914.BIN_AUTOSSL_CHECK_PL__.6Z9d1Bs7SjHn1rCt.tmp</a>”, did not match the expected value.). at bin/autossl_check.pl line 449.
    2:24:04 AM WARN The domain “addon2.maindomain.com” has failed domain control validation (The content “<html><head><META HTTP-EQUIV="refresh" CONTENT="0;URL=/cgi-sys/defaultwebpage.cgi"></head><body></body></html>” of the <abbr title="Domain Control Validation">DCV</abbr> file, as accessed at “<a href="http://addon1.com25914.BIN_AUTOSSL_CHECK_PL__._JrTtws7SO9xMbIc.tmp">http://addon1.com25914.BIN_AUTOSSL_CHECK_PL__._JrTtws7SO9xMbIc.tmp</a>” and redirected from “<a href="http://addon2.maindomain.com/25914.BIN_AUTOSSL_CHECK_PL__._JrTtws7SO9xMbIc.tmp">http://addon2.maindomain.com/25914.BIN_AUTOSSL_CHECK_PL__._JrTtws7SO9xMbIc.tmp</a>”, did not match the expected value.). at bin/autossl_check.pl line 449.
    2:24:04 AM WARN The domain “www.addon2.maindomain.com” has failed domain control validation (The content “<html><head><META HTTP-EQUIV="refresh" CONTENT="0;URL=/cgi-sys/defaultwebpage.cgi"></head><body></body></html>” of the <abbr title="Domain Control Validation">DCV</abbr> file, as accessed at “<a href="http://addon1.com25914.BIN_AUTOSSL_CHECK_PL__.c8VnqoEkJ389DMA2.tmp">http://addon1.com25914.BIN_AUTOSSL_CHECK_PL__.c8VnqoEkJ389DMA2.tmp</a>” and redirected from “<a href="http://www.addon2.maindomain.com/25914.BIN_AUTOSSL_CHECK_PL__.c8VnqoEkJ389DMA2.tmp">http://www.addon2.maindomain.com/25914.BIN_AUTOSSL_CHECK_PL__.c8VnqoEkJ389DMA2.tmp</a>”, did not match the expected value.). at bin/autossl_check.pl line 449.
    2:24:04 AM WARN The domain “www.wiki.maindomain.com” has failed domain control validation (“www.wiki.maindomain.com” does not resolve to any IPv4 addresses on the internet.). at bin/autossl_check.pl line 449.
    2:24:04 AM WARN All of “wiki.maindomain.com”’s unsecured domains failed domain control validation. AutoSSL skip this website. at bin/autossl_check.pl line 402.
    2:24:04 AM WARN The domain “ipv6.maindomain.com” has failed domain control validation (You do not have a document root for the domain “ipv6.maindomain.com”.). at bin/autossl_check.pl line 449.
    2:24:04 AM WARN All of “maindomain.com”’s unsecured domains failed domain control validation. AutoSSL skip this website. at bin/autossl_check.pl line 402.
    2:24:04 AM The system has completed the AutoSSL check for “user”.
    2:24:04 AM The system has finished checking 1 user.
     
    #1 Vijai, Aug 18, 2016
    Last edited by a moderator: Aug 18, 2016
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Is it possible these subdomains were created in the past, or are the subdomains associated with addon domain names on the account? Are the subdomains listed in cPanel under the "Subdomains" option?

    Thank you.
     
  3. Vijai

    Vijai Member

    Joined:
    Jul 2, 2016
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    The domains are addon domains which automatically created subdomains while I migrated from directadmin. All subdomains are listed except the ipv6.maindomain.com which is not listed/added
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    The following thread offers information on troubleshooting the validation failure messages for the subdomains:

    cPanel & WHM’s AutoSSL/SSL ordering process

    Could you let us know the output from the cURL command referenced on that thread if the issue continues?

    As for the subdomain that shouldn't exist, could you try removing the entry for that subdomain in the DNS zone associated with the domain name it's added under, and then adding/deleting that subdomain in cPanel?

    Thank you.
     
  5. Vijai

    Vijai Member

    Joined:
    Jul 2, 2016
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    The output is
    Code:
    root@compile:~# curl —user-agent "COMODO DCV" —insecure —max-time 10 —retry 0 http://subdomain.com/test.txt
    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <html><head>
    <title>302 Found</title>
    </head><body>
    <h1>Found</h1>
    <p>The document has moved <a href="https://subdomain.com/test.txt">here</a>.</p>
    </body></html>
    I'd like to note that this domain has a valid ssl from godaddy. But not other domains. Should I remove htaccess redirect to https for letsencrypt to work?
    And, I dont manage dns in my cpanel server. Its godaddy dns. Should I remove the zone from godaddy dns?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could you try the solution in the AutoSSL and HTTPS Redirects thread and let us know if that's helpful?

    Thank you.
     
Loading...

Share This Page