SSL certificate problems

ksgalicia

Well-Known Member
Aug 4, 2016
71
5
58
Spain
cPanel Access Level
Root Administrator
Twitter
Hello,

These days I am receiving emails like these:

1 service generated warnings while checking SSL certificates.

El sistema no pudo adquirir un certificado firmado de cPanel Store debido al siguiente error: (XID wqqjbx) cPanel Store devolvió un error (X::TemporarilyUnavailable) en respuesta a la solicitud “POST ssl/certificate/whm-license/90-day”: We were unable to process your request. Please try again later.. The cPanel Store returned an error (X::TemporarilyUnavailable) in response to the request “POST ssl/certificate/whm-license/90-day”: We were unable to process your request. Please try again later..

The SSL (Secure Sockets Layer) certificate for "cpanel" on "server..." will expire in less than 30 days
The SSL (Secure Sockets Layer) certificate for "ftp" on "server..." will expire in less than 30 days
The SSL (Secure Sockets Layer) certificate for "dovecot" on "server..." will expire in less than 30 days
The SSL (Secure Sockets Layer) certificate for "cpanel" on "server..." will expire in less than 30 days

And in AutoSSL I see messages like these:

The “cPanel (powered by Sectigo)” provider cannot currently accept incoming requests. The system will try again later

ERROR AutoSSL failed to request an SSL certificate for “domain.com” because of an error: (XID bcgk6u) La respuesta a la solicitud de HTTP (Protocolo de Transferencia de Hipertexto) “POST” de “https://store.cpanel.net/json-api/ssl/certificate/free” indicó un error (500, Internal Server Error): <!DOCTYPE HTML PUBLIC "-//IETF/… The response to the <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “POST” request from “https://store.cpanel.net/json-api/ssl/certificate/free” indicated an error (500, Internal Server Error): <!DOCTYPE HTML PUBLIC "-//IETF/…

And in the "Pending Queue" tab I see several domains and subdomains on hold

To what is due? Do you have a solution?

Thanks!
 
Last edited by a moderator:

kodeslogic

Well-Known Member
PartnerNOC
Apr 26, 2020
534
247
118
IN
cPanel Access Level
Root Administrator
1.) Whitelist following Sectigo's IP addresses in your firewall on port 80 to ensure Sectigo can complete its DCV checks.
178.255.81.12
178.255.81.13
91.199.212.132
199.66.201.132
2.) Clear the AutoSSL Queue by moving and renaming the AutoSSL Sqlite3 database. This file is located at /var/cpanel/autossl_queue_cpanel.sqlite
Code:
# mv /var/cpanel/autossl_queue_cpanel.sqlite /var/cpanel/autossl_queue_cpanel.sqlite-old
3.) From the command line try below command:
Code:
# /usr/local/cpanel/bin/autossl_check
 
  • Like
Reactions: cPRex and Spirogg

Spirogg

Well-Known Member
Feb 21, 2018
700
161
43
chicago
cPanel Access Level
Root Administrator
1.) Whitelist following Sectigo's IP addresses in your firewall on port 80 to ensure Sectigo can complete its DCV checks.


2.) Clear the AutoSSL Queue by moving and renaming the AutoSSL Sqlite3 database. This file is located at /var/cpanel/autossl_queue_cpanel.sqlite
Code:
# mv /var/cpanel/autossl_queue_cpanel.sqlite /var/cpanel/autossl_queue_cpanel.sqlite-old
3.) From the command line try below command:
Code:
# /usr/local/cpanel/bin/autossl_check
just running this via command line just gives the help man page. you need to add

Code:
[email protected]:~# /usr/local/cpanel/bin/autossl_check
Usage:
        autossl_check ( --user=<username> | --all | --help )

    This command will do a single AutoSSL check of either all users or a
    single user.

    Upon a successful run, the command will also clear out any outdated
    AutoSSL log files.
so it must have either --all
or
--user=username

(username is your cPanel account username)
 

kodeslogic

Well-Known Member
PartnerNOC
Apr 26, 2020
534
247
118
IN
cPanel Access Level
Root Administrator
Execute:

Code:
/usr/local/cpanel/bin/autossl_check --all
 
  • Like
Reactions: Spirogg