Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

The certificate chain failed OpenSSL verification error

Discussion in 'Security' started by csidev, Sep 26, 2018.

  1. csidev

    csidev Registered

    Joined:
    Sep 26, 2018
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Louisiana
    cPanel Access Level:
    Root Administrator
    I recently took control of a website that was hacked and blacklisted by Google. I've cleaned up the site and gotten that domain unblacklisted, but AutoSSL is generating the following errors in the log:
    Code:
    Checking websites for “########” …
     9:33:16 PM Analyzing “########.com” …
     9:33:16 PM ERROR TLS Status: Defective
     Certificate expiry: 9/20/19, 4:52 PM UTC (359.6 days from now)
     ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL’s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).
     9:33:16 PM Performing DCV (Domain Control Validation) …
     9:33:17 PM Local HTTP DCV OK: ########.com
     Local HTTP DCV OK: www.########.com (via ########.com)
     Local HTTP DCV OK: mail.########.com (via ########.com)
     Local HTTP DCV OK: cpanel.########.com (via ########.com)
     Local HTTP DCV OK: webdisk.########.com (via ########.com)
     Local HTTP DCV OK: webmail.########.com (via ########.com)
     Analyzing “########.com”’s DCV results …
     9:33:17 PM AutoSSL will request a new certificate.
     9:33:17 PM The system will attempt to renew the SSL certificate for the website (########.com: ########.com www.########.com mail.########.com webmail.########.com cpanel.########.com webdisk.########.com).
     The provider “cPanel (powered by Comodo)”’s AutoSSL queue already contains a certificate request for “########”’s website “########.com”. The request’s start time is Sep 24, 2018, 2:33:02 AM UTC, and its last poll time is Sep 26, 2018, 1:55:02 AM UTC.
     9:33:17 PM The system has completed the AutoSSL check for “########”.
    
    I've tried going through my VPS hosting company for support but they keep telling me I have to buy one of their SSLs which I'm pretty sure is BS because AutoSSL is working just fine for the other 30 websites on the server.

    To clarify the issue, AutoSSL is generating an untrusted self-signed certificate for this site whereas the other sites are generating a trusted certificate with the certification path COMODO SECUREtm > cPanel, Inc. Certification Authority > [my website]
     
    #1 csidev, Sep 26, 2018
    Last edited by a moderator: Sep 26, 2018
  2. csidev

    csidev Registered

    Joined:
    Sep 26, 2018
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Louisiana
    cPanel Access Level:
    Root Administrator
    It took several days but this issue resolved itself.
     
  3. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,442
    Likes Received:
    503
    Trophy Points:
    263
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @csidev

    I was going to mention to you that based on that output it looked like the SSL request was successful. I"m glad the issue has resolved itself at this time though, thank you for following up. More than likely the delay was in issuing the certificate as Google's safe browsing is something Comodo looks at before issuing certificates.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice