D
Deleted member 868887
Guest
Hi,
I started receiving notifications through cPanel in February:
Subject line: 1 service generated warnings while checking SSL certificates
Content: The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID vcqhek) The cPanel Store returned an error (X::PermissionDenied) in response to the request “POST ssl/certificate/whm-license”: Free hostname certs are not allowed by this partner
I called GoDaddy support (GoDaddy is our hosting provider) to find out what was causing this and they determined it was related to our Service SSL certificates. I renewed them manually (even though they were not expiring until May) through WHM which seemed to work fine, but I still keep getting the above notifications every day.
I've looked around the cPanel forum for a solution and can see other people are having similar issues, however I am not sure if my issue is exactly the same.
I ran the "hostname" and "dig a host.name.tld" commands (which I've seen suggested in other posts) and here's the output from those (I've obfuscated the hostname and IP):
1) hostname
2) dig a host.example.org
After this I ran the "/usr/local/cpanel/bin/checkallsslcerts" command and got the following output:
Can you help identify the issue? I'd like to resolve whatever is causing the errors I'm seeing, but I'm not very familiar with this territory of our server/cPanel.
Thank you!
I started receiving notifications through cPanel in February:
Subject line: 1 service generated warnings while checking SSL certificates
Content: The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID vcqhek) The cPanel Store returned an error (X::PermissionDenied) in response to the request “POST ssl/certificate/whm-license”: Free hostname certs are not allowed by this partner
I called GoDaddy support (GoDaddy is our hosting provider) to find out what was causing this and they determined it was related to our Service SSL certificates. I renewed them manually (even though they were not expiring until May) through WHM which seemed to work fine, but I still keep getting the above notifications every day.
I've looked around the cPanel forum for a solution and can see other people are having similar issues, however I am not sure if my issue is exactly the same.
I ran the "hostname" and "dig a host.name.tld" commands (which I've seen suggested in other posts) and here's the output from those (I've obfuscated the hostname and IP):
1) hostname
Code:
hosts.example.org
Code:
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> a hosts.example.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13201
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;hosts.example.org. IN A
;; ANSWER SECTION:
hosts.example.org. 3600 IN A xxx.xxx.xxx.xxx
;; Query time: 28 msec
;; SERVER: 208.109.96.1#53(208.109.96.1)
;; WHEN: Sat Apr 13 08:33:15 2019
;; MSG SIZE rcvd: 64
Code:
The system will check for the certificate for the “cpanel” service.
The system will attempt to replace the self-signed certificate for the “cpanel” service with a signed certificate from the cPanel Store.
The system will attempt to install a certificate for the “cpanel” service from the system ssl storage.
None of the certificates in the system ssl storage were acceptable to use for the “cpanel” service.
The system will attempt to install a certificate for the “cpanel” service from the cPanel store.
Received error “X::NoCertificate” from cPanel Store; requesting new certificate …
Setting up HTTP DCV (/var/www/html/.well-known/pki-validation/BCA30B7B48C3E2B510EBE90A58FEBFA7.txt) …
… complete.
Setting up DNS DCV (CNAME _bca30b7b48c3e2b510ebe90a58febfa7.hosts.example.org) …
… complete.
Attempting DNS DCV preflight check …
FAILED: The DNS DCV check (_bca30b7b48c3e2b510ebe90a58febfa7.hosts.example.org IN CNAME) did not return the expected value (b6d2a6f2a96273ae8635bbdbdfabf86f.4557d9adaa29eae5f7898ca3b72499af.comodoca.com).
Attempting HTTP DCV preflight check …
… success!
(XID vcqhek) The cPanel Store returned an error (X::PermissionDenied) in response to the request “POST ssl/certificate/whm-license”: Free hostname certs are not allowed by this partner
Undoing HTTP DCV setup (/var/www/html/.well-known/pki-validation/BCA30B7B48C3E2B510EBE90A58FEBFA7.txt) …
… done.
Undoing DNS DCV setup (CNAME _bca30b7b48c3e2b510ebe90a58febfa7.hosts.example.org) …
… done.
[WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID vcqhek) The cPanel Store returned an error (X::PermissionDenied) in response to the request “POST ssl/certificate/whm-license”: Free hostname certs are not allowed by this partner
The system will check for the certificate for the “dovecot” service.
The system will attempt to replace the self-signed certificate for the “dovecot” service with a signed certificate from the cPanel Store.
The system will attempt to install a certificate for the “dovecot” service from the system ssl storage.
None of the certificates in the system ssl storage were acceptable to use for the “dovecot” service.
The system will check for the certificate for the “exim” service.
The system will attempt to replace the self-signed certificate for the “exim” service with a signed certificate from the cPanel Store.
The system will attempt to install a certificate for the “exim” service from the system ssl storage.
None of the certificates in the system ssl storage were acceptable to use for the “exim” service.
The system will check for the certificate for the “ftp” service.
The system will attempt to replace the self-signed certificate for the “ftp” service with a signed certificate from the cPanel Store.
The system will attempt to install a certificate for the “ftp” service from the system ssl storage.
None of the certificates in the system ssl storage were acceptable to use for the “ftp” service.Thank you!
