Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED None of the certificates in the system ssl storage were acceptable to use for the “cpanel” service.

Discussion in 'Security' started by Lee Wickham, Sep 24, 2018.

  1. Lee Wickham

    Lee Wickham Member

    Joined:
    Mar 24, 2017
    Messages:
    7
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    United Kingdom
    cPanel Access Level:
    Root Administrator
    Hey guys,
    my Free cpanel issued hostname cert for my server "svr1.example.co.uk" has expired and im having issues Re-Generating it, I have followed the steps to Generate the self signed SSL's via
    • Home » Service Configuration » Manage Service SSL Certificates
    Using the "Reset Certificate" for each service.

    however when i then go and run "/usr/local/cpanel/bin/checkallsslcerts" It reports that none of the certificates were valid for any of the services

    Console Log:
    Code:
    [root@svr1 ~]
    # /usr/local/cpanel/bin/checkallsslcerts
    The system will check for the certificate for the “cpanel” service.
    The system will attempt to replace the self-signed certificate for the “cpanel” service with a signed certificate from the cPanel Store.
    The system will attempt to install a certificate for the “cpanel” service from the system ssl storage.
    None of the certificates in the system ssl storage were acceptable to use for the “cpanel” service.
    The system will attempt to install a certificate for the “cpanel” service from the cPanel store.
    Received error “X::NoCertificate” from cPanel Store; requesting new certificate …
    [WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID cnmmb9) The system queried for a
    temporary file at “http://svr1.example.co.uk/.well-known/pki-validation/3B8C460FD7B17B55E03AEAF2135A90BB.txt”, but the web server responded with th
    e following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.
    The system will check for the certificate for the “dovecot” service.
    The system will attempt to replace the self-signed certificate for the “dovecot” service with a signed certificate from the cPanel Store.
    The system will attempt to install a certificate for the “dovecot” service from the system ssl storage.
    None of the certificates in the system ssl storage were acceptable to use for the “dovecot” service.
    The system will check for the certificate for the “exim” service.
    The system will attempt to replace the self-signed certificate for the “exim” service with a signed certificate from the cPanel Store.
    The system will attempt to install a certificate for the “exim” service from the system ssl storage.
    None of the certificates in the system ssl storage were acceptable to use for the “exim” service.
    The system will check for the certificate for the “ftp” service.
    The system will attempt to replace the self-signed certificate for the “ftp” service with a signed certificate from the cPanel Store.
    The system will attempt to install a certificate for the “ftp” service from the system ssl storage.
    None of the certificates in the system ssl storage were acceptable to use for the “ftp” service.
    Not sure where to go next from here, any help with this would be most appreciated.

    Cheers.

    Lee.
     
    #1 Lee Wickham, Sep 24, 2018
    Last edited by a moderator: Sep 24, 2018
  2. dalem

    dalem Well-Known Member PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,908
    Likes Received:
    127
    Trophy Points:
    368
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Lee Wickham

    Lee Wickham Member

    Joined:
    Mar 24, 2017
    Messages:
    7
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    United Kingdom
    cPanel Access Level:
    Root Administrator
    The 404 there is due to svr1.example.co.uk being the server hostname, thus no site present.

    That error is not really the one im worried about, its the "
    None of the certificates in the system ssl storage were acceptable to use for the "cpanel service name here"

    are what's got me worried.
     
  4. Lee Wickham

    Lee Wickham Member

    Joined:
    Mar 24, 2017
    Messages:
    7
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    United Kingdom
    cPanel Access Level:
    Root Administrator
    I've just noticed that the forum seems to be replacing the domain name with "example" im sure this is normal for the forums, but just making a note of it here, my host name in the above should be "fireworks".
     
  5. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,881
    Likes Received:
    482
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Real domain names, IP or email addresses should never be posted on a public forum.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Lee Wickham likes this.
  6. Lee Wickham

    Lee Wickham Member

    Joined:
    Mar 24, 2017
    Messages:
    7
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    United Kingdom
    cPanel Access Level:
    Root Administrator
    Ahh Understood, my apologies!
     
    Infopro likes this.
  7. dalem

    dalem Well-Known Member PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,908
    Likes Received:
    127
    Trophy Points:
    368
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    your hostname does have site its located here
    /var/www/html

    your issue is (you need to correct the permission errors)


    Forbidden

    You don't have permission to access /.well-known/pki-validation/ on this server.

    Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. Lee Wickham

    Lee Wickham Member

    Joined:
    Mar 24, 2017
    Messages:
    7
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    United Kingdom
    cPanel Access Level:
    Root Administrator
    Ok i see the issue here.

    the primary hostname is "svr1.example.co.uk" Home dir "/var/www/html/"
    and i am hosting the domain "example.co.uk" Home dir "/home/example/public_html/"

    when i run the checkcerts command its generating the required file e.g "0A6309864491C3CF679CF13B4E6529E1.txt"
    in "/var/www/html/

    However the next step check for it over http in "/home/example/public_html/"

    And ofc it's not there so that particular part fails.

    Any suggestions?

    Again thanks for the assistance!
     
  9. Lee Wickham

    Lee Wickham Member

    Joined:
    Mar 24, 2017
    Messages:
    7
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    United Kingdom
    cPanel Access Level:
    Root Administrator
    Update:
    This seems to be an issue with http vs https , via https i can see the diredtory properly and the text files however when loading via http it's looking at the main domain instead of the hostname.
     
  10. Lee Wickham

    Lee Wickham Member

    Joined:
    Mar 24, 2017
    Messages:
    7
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    United Kingdom
    cPanel Access Level:
    Root Administrator
    Final Update:

    Happy to report this issue has now been resolved

    The Fix:
    One of the support team noticed the server's hostname was not pointing to the servers primary IP and upon updating that I was able to successfully re-new the service certificates.

    Just want to say a big thanks to every one here on the forum and the cPanel support team for assisting with this issue, it's greatly appreciated!


    Lee.
     
    Infopro likes this.
  11. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,881
    Likes Received:
    482
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Happy to hear you got it sorted.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Lee Wickham likes this.
  12. DolceHogarMX

    DolceHogarMX Registered

    Joined:
    Oct 18, 2018
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    mexico
    cPanel Access Level:
    Website Owner
    Hello I had the same issue I couldn't re-new the ssl. I got error the connection is not private I select ok and then I got the 404 error. I'm not sure if I accidentally erased something when I deleted the ssl key and certificate from Cpanel since it was giving me problems.
    By the way my site is [removed]
    If you could kindly guide me I would really appreciate it.
    Not letting me even login to my admin account in WordPress
     
    #12 DolceHogarMX, Oct 18, 2018
    Last edited by a moderator: Oct 18, 2018
  13. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,881
    Likes Received:
    482
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Do you have root access to the server your account is on? Assuming you don't as your forum profile lists you as Website Owner. In that case, your best bet is to contact your Hosting Provider about this matter.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice