SSL Notifications in cPanel 68

[rpvw]

So v68 bought a lot of eagerly anticipated new features.......and seemed to have gone backwards at the same time.

Thirdly.....the new SSL notifications

Whilst I applaud the initiative of providing more information to the end user - the fact is the vast majority have no clue as to what they are being told, and are actually annoyed at getting even more emails. Now one can calmly tell them they can turn the notifications off in cPanel (which many of them have never actually logged into in their lives) but they, not unreasonably, retort that they didn't ask for the bl....y notifications in the first place, and bl.....y well stop them !!

The lack of a simple control on a server wide basis for disabling these client notifications would appear to be a glaring omission, and one that perhaps should have been implemented before pushing these new features onto the clients.

Hope this feedback is constructive and someone takes notice

 

[cPanelKenneth]

Hi,

The notifications sent about expiring certificates are managed globally via the "Send notifications when certificates approach expiry." tweak setting.

 

[rpvw]

Thanks Kenneth - you jumped in here just as I was composing a query about that very same Tweak Settings feature, as it was unclear to me if the setting applied to admin, users or both ...... I guess globally means both ?

 

[cPanelMichael]

Hello @rpvw,

The global AutoSSL notification settings are separate from the individual cPanel AutoSSL notification settings. The following feature request is open for the ability to set default values for the cPanel user notifications:

Ability to set defaults for cPanel User Notifications

In the meantime, you'd need to manually disable the individual AutoSSL notifications for cPanel users via "cPanel >> Contact Information" or setup a script that loops the cPanel API 2 functions referenced on the post:

AutoSSL notifications in cPanel 68

Thank you.

 

[texo]

The lack of a simple control on a server wide basis for disabling these client notifications would appear to be a glaring omission, and one that perhaps should have been implemented before pushing these new features onto the clients.

I fully agree. This is a shocking mistake, and I have already received 17 support tickets about this, with hundreds probably to follow today. It is impossible for me to log into every server, and manually disable these notifications for thousands of accounts.
Can someone PLEASE provide a shell script to do this?

 

[NanoGame]

My clients attacked hosting support with questions about these letters. Please make the global option to disable such notifications.
So far I've disabled notifications via the API, the script is below, I think many will need it.

#!/bin/bash

/bin/ls -1 /var/cpanel/users | while read USER; do
  /bin/echo "Now processing ${USER} ..."
  /usr/bin/cpapi2 --user=${USER} CustInfo savecontactinfo notify_autossl_expiry_coverage=0 notify_autossl_renewal_coverage=0
done

 

[rpvw]

@ NanoGame

Thank you VERY much for sharing this.

Not only did this work perfectly, but I now understand a whole lot more about how to script using the API

Excellent work

 

[Net Ninjas]

This is extremely poor form cPanel, that you would make such a change. Most hosting companies dont want notifications or emails going to their clients. Especially emails of this sort. To only find out that would happen in v68 after the clients have received the emails. I have to say Im more that a little pi**ed off right now

 

[Friends4U]

Great script BUT, after each new account creation you must run the script again (for the new account) and that will reset the choices of customers who DO want to have these emails.

 

[Damian]

Hi Texo, we are getting a lot of tickets about these notices too. This is a little shell script I wrote to change the notifications for the 5 AutoSSL notices off for every user on the server.

Save it to /root/something.sh, chmod 755 somthing.sh and then run it with ./something.sh

#!/bin/bash
cd /var/cpanel/users
for user in *
do
    cpapi2 --user=$user CustInfo savecontactinfo notify_autossl_renewal=0 notify_autossl_renewal_coverage=0 notify_autossl_expiry_coverage=0 notify_autossl_expiry=0 notify_ssl_expiry=0 
done

Adjust the 0 values on the line above to 1 if you want to keep a particular notification on.

Hope this helps

 

[weetabix]

How did this "feature" reach Release? incomprehensible.

 

[garconcn]

Hello @rpvw,

The global AutoSSL notification settings are separate from the individual cPanel AutoSSL notification settings. The following feature request is open for the ability to set default values for the cPanel user notifications:

Ability to set defaults for cPanel User Notifications

In the meantime, you'd need to manually disable the individual AutoSSL notifications for cPanel users via "cPanel >> Contact Information" or setup a script that loops the cPanel API 2 functions referenced on the following thread:

AutoSSL notifications in cPanel 68

Thank you.

I guess this is already too late as the "Autossl notification feature" does not exist in cpanel until you upgrade to V68, but once you upgrade, the notification will be sent out right after. So, client will receive at least one notification.

 

[jmartinmds]

Another note of thanks @NanoGame. I modified the script a little bit to include all 4 AutoSSL notifications:

#!/bin/bash

/bin/ls -1 /var/cpanel/users | while read USER; do
  /bin/echo "Now processing ${USER} ..."
  /usr/bin/cpapi2 --user=${USER} CustInfo savecontactinfo notify_autossl_expiry_coverage=0 notify_autossl_renewal_coverage=0 notify_autossl_expiry=0 notify_autossl_renewal=0
done

And I agree with the others that this should be configurable for the entire server, and able to be set as a default option to have these disabled for new accounts.

 

[anton_latvia]

Thanks for the script.

Question - where can we setup defaults for new accounts? So that new accounts will have these settings turned off?

 

[cPanelMichael]

Question - where can we setup defaults for new accounts? So that new accounts will have these settings turned off?

It's not yet possible to configure those values by default. We will update the following feature request once there's more information about plans to add that functionality to the product:

Ability to set defaults for cPanel User Notifications

In the meantime, you could setup a custom script like the one referenced earlier in this thread, and configure it to run as a post-stage hook immediately after an account is created. The particular event you would hook into is Accounts::Create:

Guide to Standardized Hooks - Whostmgr Functions - Software Development Kit - cPanel Documentation

EX:

/usr/local/cpanel/bin/manage_hooks add script /path/to/something.sh --manual --category Whostmgr --event Accounts::Create --stage post

Thank you.

 

[4u123]

I think a distinction needs to be made between the AutoSSL notifications and notifications for certificates the end user may have installed themselves from third parties.

With AutoSSL, sending notifications to the end user is a waste of time, since they can't do anything to resolve any of those problems. Expiry notifications on these certs are also pointless, considering the fact that they auto renew.

I think it's pretty reasonable to assume that AutoSSL notifications should go to the admin contact only.

Also want to mention that we are using cachewall (xvarnish). As someone mentioned this above, I would suggest some of these errors are caused by that software, for us it seems to be an issue on the proxy subdomains. I understand that project has stalled and is currently not being developed -so it is unlikely a fix will be produced. I will attempt to reach out to them about this.

 

[ronaldst]

What on earth been going on at the cPanel office pushing out something causing all clients to be bombarded with emails?

Just spent days sorting this issue.

Thank you to everyone getting a solution written into an actual post, which honestly should been the 2nd post in this topic by an actual cPanel staffer.

 

[diegomarin]

We have the same problem receiving many support tickets regarding the subject. I think that this feature should only be available to administrators and not to customers.

 

[mrl14]

This is a HUGE mistake on CPanel's part. You cannot just introduce new notifications to customers, especially with a very confusing message, as you have with AutoSSL. You are assuming that we have a) enabled this for all customers b) informed them of the service they are receiving from it and c) they understand the email you've sent them.

You need to reverse this immediately and introduce it as a new feature that we can enable if we feel it is necessary. This should be fixed today and issued in a release tonight.

 

[wwwcad]

HUGE mistake! Hundreds of worried customers asking what the hell is going on with their accounts.