cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
Hello @stormy,

I'm formulating my response based on the behavior in cPanel version 70, as it's nearing publication to the Current build tier (tentatively planned for the third week of January). cPanel version 68 becomes EOL once version 70 reaches the Stable build tier.

1. Tweak settings > Notifications > Send notifications when certificates approach expiry ("Send a notification when an SSL certificate expires soon. The system will only send a notification for an AutoSSL-provided certificate if that certificate fails to renew".)

Does this send notifications to the cPanel user or to the server admin? Or both?
As of cPanel version 70, the "Send notifications when certificates approach expiry" option in "WHM >> Tweak Settings" applies to non-AutoSSL certificates only (unless AutoSSL is disabled on the system):

Fixed case CPANEL-16927: Make notify_expiring_certificates ignore AutoSSL when AutoSSL is active.

Thus, since you are using AutoSSL, the "Send notifications when certificates approach expiry" only applies to non-AutoSSL certificates. Additionally, by default, notifications are sent both to users and administrators. If "Send notifications when certificates approach expiry" is disabled, this notification type is not utilized at all. If you want the administrator notification enabled, but the user notification disabled, then you'd leave the option enabled in "WHM >> Tweak Settings" and access cPanel to disable "SSL certificate expiry" under the "Contact Information" option for each user. If you want user notifications enabled, but the administrator notification disabled, then you'd leave the tweak setting option on and modify the contact preference for "SSL certificates expiring" in "WHM >> Contact Manager".

3. Manage AutoSSL > Options. Here are the new notification options. I think these are user only notifications. Am I right?
No, that's not correct. The "WHM >> Manage AutoSSL" notification settings control whether a specific AutoSSL notification type is active on the system. For the enabled AutoSSL notification types, you use "WHM >> Contact Manager" to control if the enabled notification types are sent to the administrator, and you use "cPanel >> Contact Information" to control whether enabled notification types are sent to the cPanel user.

Thank you.
 
Last edited:

WorkinOnIt

Well-Known Member
Aug 3, 2016
227
30
78
UK
cPanel Access Level
Root Administrator
Well I've read through this entire thread and I am still confused.

I simply want to disable the email notifications for Auto SSL that get sent to the end user (cPanel account email address).

I've had dozens of clients contacting me wondering what all the AutoSSL emails mean.

Since I manage the server, I don't want end users seeing this kind of communication.

So - please explain in the simplest terms, how can I turn off the AutoSSL emails for the end users?

I can see that it is possible to control this in the "Contact Information and Preferences" section within each individual cPanel account - but I want to control the notifications for all users on a server wide basis.


There really should be a simple WHM panel interface that contains the notification controls for all the end users (cPanel accounts) - that's separate from the admin notifications.
 

rodpascoe

Member
Aug 12, 2012
10
6
3
cPanel Access Level
Root Administrator
Well I've read through this entire thread and I am still confused.

I simply want to disable the email notifications for Auto SSL that get sent to the end user (cPanel account email address).

I've had dozens of clients contacting me wondering what all the AutoSSL emails mean.

Since I manage the server, I don't want end users seeing this kind of communication.

So - please explain in the simplest terms, how can I turn off the AutoSSL emails for the end users?

I can see that it is possible to control this in the "Contact Information and Preferences" section within each individual cPanel account - but I want to control the notifications for all users on a server wide basis.


There really should be a simple WHM panel interface that contains the notification controls for all the end users (cPanel accounts) - that's separate from the admin notifications.

Confusing isn't it?

I still get the emails (as do my users) despite following all the instructions on here.

Opened a ticket and never got a reply.

Gave up and now just delete the emails.
 
  • Like
Reactions: feldon27

sparek-3

Well-Known Member
Aug 10, 2002
2,042
230
368
cPanel Access Level
Root Administrator
Have you tried running:

/usr/local/cpanel/bin/whmapi1 set_autossl_metadata metadata_json={\"notify_autossl_expiry_coverage\":0}
/usr/local/cpanel/bin/whmapi1 set_autossl_metadata metadata_json={\"notify_autossl_renewal_coverage\":0}
/usr/local/cpanel/bin/whmapi1 set_autossl_metadata metadata_json={\"notify_autossl_renewal\":0}


Or through the WHM interface:

Manage AutoSSL -> Options -> Notify when AutoSSL defers certificate renewal because a domain on the current certificate has failed DCV.

Manage AutoSSL -> Options -> Uncheck Notify when AutoSSL will not secure new domains because a domain on the current certificate has failed DCV.

Manage AutoSSL -> Options -> Uncheck Send notifications when AutoSSL has renewed a certificate.

Further explanation:

/usr/local/cpanel/bin/whmapi1 set_autossl_metadata metadata_json={\"notify_autossl_expiry_coverage\":0} unchecks Manage AutoSSL -> Options -> Notify when AutoSSL defers certificate renewal because a domain on the current certificate has failed DCV.

/usr/local/cpanel/bin/whmapi1 set_autossl_metadata metadata_json={\"notify_autossl_renewal_coverage\":0} unchecks Manage AutoSSL -> Options -> Notify when AutoSSL will not secure new domains because a domain on the current certificate has failed DCV.

/usr/local/cpanel/bin/whmapi1 set_autossl_metadata metadata_json={\"notify_autossl_renewal\":0} unchecks Manage AutoSSL -> Options -> Send notifications when AutoSSL has renewed a certificate.

Doing it through the command-line is quicker for me, but may not be the case for you.

Does this stop all of the notifications? I'm really not sure.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
I can see that it is possible to control this in the "Contact Information and Preferences" section within each individual cPanel account - but I want to control the notifications for all users on a server wide basis.
Hello,

Here's a post here with an example of a script you can use to disable the cPanel user AutoSSL notifications for every user:

Post 2496419

Keep in mind this is improved in cPanel version 70, as the ability to disable options that send AutoSSL notifications to cPanel users will exist in "WHM >> Home >> SSL/TLS >> Manage AutoSSL".

Thank you.
 

ChadBigHippoHost

Registered
Apr 21, 2015
2
1
3
Pittsburgh, PA
cPanel Access Level
Root Administrator
Hello,

Here's a post here with an example of a script you can use to disable the cPanel user AutoSSL notifications for every user:

Post 2496419

Keep in mind this is improved in cPanel version 70, as the ability to disable options that send AutoSSL notifications to cPanel users will exist in "WHM >> Home >> SSL/TLS >> Manage AutoSSL".

Thank you.
Thank you for clarifying this. I will look forward to this solving these emails in cPanel 70.
 
  • Like
Reactions: cPanelMichael

Hedloff

Well-Known Member
Jun 7, 2004
175
9
168
Up north!
cPanel Access Level
DataCenter Provider
Have anyone tested that these emails are not sent out in version 70 after disabling this in tweak settings?
We're still at version 66 because of these terrible emails causing so much pain for our customers and helpdesk!
 

sneader

Well-Known Member
Aug 21, 2003
1,195
65
178
La Crosse, WI
cPanel Access Level
Root Administrator
We're still at version 66 because of these terrible emails causing so much pain for our customers and helpdesk!
The fix is well documented in this thread... one simple command line, and the notifications can be disabled. Did you miss that? upgrade to 68, then run the command, problem solved.

We have found that the notifications are actually helpful, except for the "successful renewal" emails, so those are the only ones we have disabled. The rest of them are almost always pointing to some type of problem that should be fixed anyway. We have devised a couple of standard responses that help customers to learn more about the "SSL/TLS Status" feature in cPanel to give them control over what FQDNs they want protected by SSL. Your mileage may vary here... but, I think you could upgrade and disable the notifications easily.

- Scott
 
  • Like
Reactions: cPanelMichael

Hedloff

Well-Known Member
Jun 7, 2004
175
9
168
Up north!
cPanel Access Level
DataCenter Provider
Thanks Scott!
But we do not use AutoSSL for our customers. We sell SSL and actually make profits, therefore we do not want to use it.

No, I didn't read the whole thread because I will skip version 68 on our servers and go directly to version 70.
I updated one server to 70 and changed setting, but I do not fully trust cPanel have fixed it.... That's why I wanted some feedback on this setting in tweak:
 

Attachments

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
But we do not use AutoSSL for our customers. We sell SSL and actually make profits, therefore we do not want to use it.
I updated one server to 70 and changed setting, but I do not fully trust cPanel have fixed it.... That's why I wanted some feedback on this setting in tweak (Send notifications when certificates approach expiry)
Hello @Hedloff,

Yes, disabling the "Send notifications when certificates approach expiry" option in "WHM >> Tweak Settings" in cPanel version 70 will disable the notifications that occur when non-AutoSSL SSL certificates are about to expire.

Let us know if you have any additional questions.

Thank you.
 

rodpascoe

Member
Aug 12, 2012
10
6
3
cPanel Access Level
Root Administrator
The fix is well documented in this thread... one simple command line, and the notifications can be disabled. Did you miss that? upgrade to 68, then run the command, problem solved.

We have found that the notifications are actually helpful, except for the "successful renewal" emails, so those are the only ones we have disabled. The rest of them are almost always pointing to some type of problem that should be fixed anyway. We have devised a couple of standard responses that help customers to learn more about the "SSL/TLS Status" feature in cPanel to give them control over what FQDNs they want protected by SSL. Your mileage may vary here... but, I think you could upgrade and disable the notifications easily.

- Scott
Only it didn't fix it for everyone (us included) so Hedloff's question is valid.

Thanks Scott!
But we do not use AutoSSL for our customers. We sell SSL and actually make profits, therefore we do not want to use it.

No, I didn't read the whole thread because I will skip version 68 on our servers and go directly to version 70.
I updated one server to 70 and changed setting, but I do not fully trust cPanel have fixed it.... That's why I wanted some feedback on this setting in tweak:
We sell them too and couldn't agree more.

Yes Hedloff, 70 finally fixed it, just take all the ticks out of the boxes to say good-bye to those pesky emails.
 

Tam

Well-Known Member
Jul 31, 2004
112
10
168
Thus, since you are using AutoSSL, the "Send notifications when certificates approach expiry" only applies to non-AutoSSL certificates. Additionally, by default, notifications are sent both to users and administrators. If "Send notifications when certificates approach expiry" is disabled, this notification type is not utilized at all. If you want the administrator notification enabled, but the user notification disabled, then you'd leave the option enabled in "WHM >> Tweak Settings" and access cPanel to disable "SSL certificate expiry" under the "Contact Information" option for each user. If you want user notifications enabled, but the administrator notification disabled, then you'd leave the tweak setting option on and modify the contact preference for "SSL certificates expiring" in "WHM >> Contact Manager".



No, that's not correct. The "WHM >> Manage AutoSSL" notification settings control whether a specific AutoSSL notification type is active on the system. For the enabled AutoSSL notification types, you use "WHM >> Contact Manager" to control if the enabled notification types are sent to the administrator, and you use "cPanel >> Contact Information" to control whether enabled notification types are sent to the cPanel user.

Thank you.
cPanel is not listening to us....

As administrators, and those of us who wish to use autoSSL, we want to be able have the option to receive our chosen notifications, and we want the facility to turn off select or all notifications to cPanel users. It is very simple. As it stands now we would have to go into each user's cPanel and manually turn them off. cPanel has created a rod for our backs here, a massive increase in support requests from users who do not know what to do about these notifications. Even in v70, it is still not right.
 

Hedloff

Well-Known Member
Jun 7, 2004
175
9
168
Up north!
cPanel Access Level
DataCenter Provider
Only it didn't fix it for everyone (us included) so Hedloff's question is valid.

We sell them too and couldn't agree more.

Yes Hedloff, 70 finally fixed it, just take all the ticks out of the boxes to say good-bye to those pesky emails.
Thank you rodpascoe ! :) Great to hear that it's just not us having huge issues.....
Tested on a couple of server now and it seems to be working fine.

cPanel also added self signed ssl a while ago for all accounts as default and when thousends of customers get notification about these aswell, it creates a lot of work for our support department!

Would really wish cPanel would start to listen and when they add new features they have them disabled by default!
 

Tam

Well-Known Member
Jul 31, 2004
112
10
168
If you want the administrator notification enabled, but the user notification disabled, then you'd leave the option enabled in "WHM >> Tweak Settings" and access cPanel to disable "SSL certificate expiry" under the "Contact Information" option for each user.
"access cPanel to disable "SSL certificate expiry" under the "Contact Information" option for each user."

Where is that? I cannot find it in WHM or user cPanels.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
"access cPanel to disable "SSL certificate expiry" under the "Contact Information" option for each user."

Where is that? I cannot find it in WHM or user cPanels.
Hello @Tam,

This is found in cPanel, under the "Preferences" section. Or, from the dropdown option in the upper right of the theme where you see the account username. The option is documented at:

Contact Information - Version 70 Documentation - cPanel Documentation

Note the following section:

Important:
  • This interface only appears if your hosting provider enables either of the following features in WHM's Feature Manager interface (WHM >> Home >> Features >> Feature Manager).
    • The Contact Information feature.
    • The Update Notification Preferences feature.
  • To use the Reset Password feature, you must set your contact email address.
Thank you.
 

Tam

Well-Known Member
Jul 31, 2004
112
10
168
Hello @Tam,

This is found in cPanel, under the "Preferences" section. Or, from the dropdown option in the upper right of the theme where you see the account username. The option is documented at:

Contact Information - Version 70 Documentation - cPanel Documentation

Note the following section:



Thank you.
Ah, the issue is with the documentation then, if the notifications are disabled in WHM > Manage AutoSSL > Options, then they will not show in the Contact Information options.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
Ah, the issue is with the documentation then, if the notifications are disabled in WHM > Manage AutoSSL > Options, then they will not show in the Contact Information options.
Hello @Tam,

That's by design and documented on our Manage AutoSSL document:

  • If you deselect any of the following options, it will also remove the corresponding option in cPanel's Contact Information interface (Home >> cPanel >> Preferences >> Contact Information).
  • The system will not send notifications to cPanel users for options that you disable.
  • These options override the user's current settings.
Can you verify which behavior or documentation you are referring to that's not accurate?

Thank you.
 

Tam

Well-Known Member
Jul 31, 2004
112
10
168
It is clearly there in the documentation linked to in the previous post. For instance,

My account approaches its bandwidth usage limit.


This setting notifies you if your website will soon exceed the maximum amount of traffic allowed.

Notes:

  • This setting only appears if your hosting provider limits the bandwidth usage for your cPanel account and enables bandwidth notifications.

  • After you reach your maximum bandwidth, visitors cannot access your website.
  • To resolve this issue, you must upgrade your hosting plan. Otherwise, you must wait until the limit resets. Generally, this limit resets at the end of each month.
In any of the AutoSSL references there is no mention of This setting only appears if your hosting provider......

But anyway, as so many people are discovering with cPanel and their lovely AutoSSL, cPanel is not allowing us to have full control over the feature. Okay, we can enable or disable it, but we need to be able to control whether our clients receive AutoSSL notifications or not, and by not allowing us to do so you are burgeoning our support departments/facilities with excessive work because the vast majority of clients do not know what to do with these notifications and it is predominantly a server administrative issue. It is completely impractical for us to have to enter a client's cPanel and disable it manually from within there, many of us have thousands of clients.

The feature should be considered incomplete until that facility is available to admins.​
 
  • Like
Reactions: feldon27

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
In any of the AutoSSL references there is no mention of This setting only appears if your hosting provider......
Good point. I've opened a case with our Documentation Team (#DOC-10387) to have the Contact Information document updated to reflect that information.

It is completely impractical for us to have to enter a client's cPanel and disable it manually from within there, many of us have thousands of clients.
You can disable the AutoSSL notifications completely without logging into cPanel for each account by disabling the notification types under the "Options" tab in "WHM >> Manage AutoSSL". This action alone will ensure the notifications are not sent to cPanel users or administrators. That said, if I understand correctly, you'd like to disable the AutoSSL notifications for all users, but still have it sent to the administrator. Is that correct? If so, we have a feature request open that would offer what you are seeking:

Ability to set defaults for cPanel User Notifications

In the meantime, you could use a workaround like the one referenced on this post.

Thank you.
 

Tam

Well-Known Member
Jul 31, 2004
112
10
168