The certificate chain failed OpenSSL verification error

csidev

Registered
Sep 26, 2018
2
0
1
Louisiana
cPanel Access Level
Root Administrator
I recently took control of a website that was hacked and blacklisted by Google. I've cleaned up the site and gotten that domain unblacklisted, but AutoSSL is generating the following errors in the log:
Code:
Checking websites for “########” …
 9:33:16 PM Analyzing “########.com” …
 9:33:16 PM ERROR TLS Status: Defective
 Certificate expiry: 9/20/19, 4:52 PM UTC (359.6 days from now)
 ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL’s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).
 9:33:16 PM Performing DCV (Domain Control Validation) …
 9:33:17 PM Local HTTP DCV OK: ########.com
 Local HTTP DCV OK: www.########.com (via ########.com)
 Local HTTP DCV OK: mail.########.com (via ########.com)
 Local HTTP DCV OK: cpanel.########.com (via ########.com)
 Local HTTP DCV OK: webdisk.########.com (via ########.com)
 Local HTTP DCV OK: webmail.########.com (via ########.com)
 Analyzing “########.com”’s DCV results …
 9:33:17 PM AutoSSL will request a new certificate.
 9:33:17 PM The system will attempt to renew the SSL certificate for the website (########.com: ########.com www.########.com mail.########.com webmail.########.com cpanel.########.com webdisk.########.com).
 The provider “cPanel (powered by Comodo)”’s AutoSSL queue already contains a certificate request for “########”’s website “########.com”. The request’s start time is Sep 24, 2018, 2:33:02 AM UTC, and its last poll time is Sep 26, 2018, 1:55:02 AM UTC.
 9:33:17 PM The system has completed the AutoSSL check for “########”.
I've tried going through my VPS hosting company for support but they keep telling me I have to buy one of their SSLs which I'm pretty sure is BS because AutoSSL is working just fine for the other 30 websites on the server.

To clarify the issue, AutoSSL is generating an untrusted self-signed certificate for this site whereas the other sites are generating a trusted certificate with the certification path COMODO SECUREtm > cPanel, Inc. Certification Authority > [my website]
 
Last edited by a moderator:

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
8,120
663
263
Houston
cPanel Access Level
DataCenter Provider
Hi @csidev

I was going to mention to you that based on that output it looked like the SSL request was successful. I"m glad the issue has resolved itself at this time though, thank you for following up. More than likely the delay was in issuing the certificate as Google's safe browsing is something Comodo looks at before issuing certificates.

Thanks!