The AutoSSL certificate renewal may cause a reduction of coverage

Bloke2 · Dec 22, 2017

I received the fallowing email titled "The AutoSSL certificate renewal may cause a reduction of coverage". Is this something I should be concerned with? I have 4 other sites on the server and did not get an email about those. Is this because I have a redirect on this website?
Code:
The “cPanel” AutoSSL provider could [B]not[/B] renew the SSL certificate without a reduction of coverage because of the following problems:
The system failed to fetch the DCV (Domain Control Validation)

The system failed to send an HTTP (Hypertext Transfer Protocol) “GET” request to “example.com/.well-known/pki-validation/7BA0FF751F8CD93D91833B643B8C6B01.txt” because of an error: Size of response body exceeds the maximum allowed of 16384

mail.example.com

cPanelMichael · Dec 22, 2017

Bloke2 said: ↑

because of an error: Size of response body exceeds the maximum allowed
Click to expand...

Hello,

It's possible a redirect rule is directing requests to the DCV file to another file that exceeds the 16-KiB response limit. Are any rewrite rules configured for this domain name doing that? If so, try modifying them to exclude requests to the "domain.tld/.well-known/pki-validation/XXXXXXX.txt" path.

Thank you.

Bloke2 · Jan 2, 2018

I removed the rewrite rule for the domain. I ran the AutoSSL and was able to get it to renew. Now it says
mail.mywebsite.net” does not resolve to any IPv4 addresses on the internet.

cPanelMichael · Jan 2, 2018

Bloke2 said: ↑

Now it says "mail.mywebsite.net” does not resolve to any IPv4 addresses on the internet.
Click to expand...

Hello,

Does the mail subdomain resolve to the IP address associated with the cPanel account, or is it pointed to another server?

Thank you.

Bloke2 · Jan 2, 2018

There are two MX records pointing to another server.

cPanelMichael · Jan 3, 2018

Bloke2 said: ↑

There are two MX records pointing to another server.
Click to expand...

The MX records shouldn't matter. What about the DNS record for the "mail" subdomain?

Thank you.

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

The AutoSSL certificate renewal may cause a reduction of coverage

Bloke2 Well-Known Member

cPanelMichael Forums Analyst
Staff Member

Bloke2 Well-Known Member

cPanelMichael Forums Analyst
Staff Member

Bloke2 Well-Known Member

cPanelMichael Forums Analyst
Staff Member

SOLVED The AutoSSL certificate renewal may cause a reduction of coverage

Apache not serving new certificates after AutoSSL

AutoSSL failed to request SSL certificate Permission Denied

AutoSSL doesn't renew certificate if cPanel license is expired

AutoSSL for Server certificate

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

The AutoSSL certificate renewal may cause a reduction of coverage

Bloke2 Well-Known Member

cPanelMichael Forums Analyst Staff Member

Bloke2 Well-Known Member

cPanelMichael Forums Analyst Staff Member

Bloke2 Well-Known Member

cPanelMichael Forums Analyst Staff Member

SOLVED The AutoSSL certificate renewal may cause a reduction of coverage

Apache not serving new certificates after AutoSSL

AutoSSL failed to request SSL certificate Permission Denied

AutoSSL doesn't renew certificate if cPanel license is expired

AutoSSL for Server certificate

Share This Page

cPanelMichael Forums Analyst
Staff Member

cPanelMichael Forums Analyst
Staff Member

cPanelMichael Forums Analyst
Staff Member