Hello,
WHM 104.0.8 - Having the same issue on a couple of sites, posted one domain error below.
Sectigo IP was already allowed.
Getting different errors for each retry
WHM 104.0.8 - Having the same issue on a couple of sites, posted one domain error below.
Sectigo IP was already allowed.
Getting different errors for each retry
@nshah14285 - the best advice is to try switching to the Let's Encrypt SSL provider:
docs.cpanel.net
The Let's Encrypt Plugin | cPanel & WHM Documentation
This plugin allows the AutoSSL feature to issue certificates from the Let's Encrypt™ provider.
docs.cpanel.net
LetsEncrypt rate limits requests so while that might be the best advice, it's not acceptably good advice because it produces the same result: sites with no valid certificates. I have angry clients who now have expired certificates banging on my support line. Passing that along.
Hoping I will be able to give them an acceptable answer soon.
Hoping I will be able to give them an acceptable answer soon.
@nshah14285 - the best advice is to try switching to the Let's Encrypt SSL provider:
The Let's Encrypt Plugin | cPanel & WHM Documentation
This plugin allows the AutoSSL feature to issue certificates from the Let's Encrypt™ provider.
FWIW, I've had a similar-but-different error for the last few days:
The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID d56kaj) The cPanel Store returned an error (X::TemporarilyUnavailable) in response to the request “POST ssl/certificate/whm-license/90-day”: We were unable to process your request. Please try again later.
I consider switching to LE to be a last resort because of the rate limit (same as @LoadFactor), but if it must be done temporarily then it is what it is.
The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID d56kaj) The cPanel Store returned an error (X::TemporarilyUnavailable) in response to the request “POST ssl/certificate/whm-license/90-day”: We were unable to process your request. Please try again later.
I consider switching to LE to be a last resort because of the rate limit (same as @LoadFactor), but if it must be done temporarily then it is what it is.
Since this is quite an ongoing issue, are there any plans to support using multiple AutoSSL Providers? Seems trivial to code for "setting a default provider: cPanel", on X::TemporarilyUnavailable try issuing using LE instead@nshah14285 - the best advice is to try switching to the Let's Encrypt SSL provider:
The Let's Encrypt Plugin | cPanel & WHM Documentation
This plugin allows the AutoSSL feature to issue certificates from the Let's Encrypt™ provider.
Yes, that's something that's being worked on. For more details, you can follow along here:
features.cpanel.net
AutoSSL fail-over
Apparently it's possible that your provider is too busy to provide certificates for a long time and expiring certificates on your hosted websites. I sugge
features.cpanel.net
Any idea what other solutions are being looked at by any chance? Thanks.Yes, that's something that's being worked on. For more details, you can follow along here:
AutoSSL fail-over
Apparently it's possible that your provider is too busy to provide certificates for a long time and expiring certificates on your hosted websites. I sugge
-Michael
Honestly, given how many issues we encounter lately with sectigo, cpanel should either remove them as the default provider, or work with sectigo to fix their issues. Although they're the default and are considered "superior" by cpanel (in the description), i see that everytime someone has an issue, cpanel recommends installing and switching to LE. Then why not include them by default?
LE rate limits requests, which is why we switched to Sectigo. Now Sectigo's reliability is spotty. One (preferably more than one) fallback seems to be the best approach since even without rate limits or capacity problems, it's still possible for a provider to be unavailable.
That part I don't know.
As far as to "why isn't LE the default yet" - as @LoadFactor said, they do have more strict ratelimits in place. All I can confirm is that we're exploring multiple options for the future at this point.
After retrying several times to request a SSL and getting the failure message, I did a graceful restart and attempted again, and it worked! Not the best way to address it, but with no other easy options, it was worth a try.
A reboot wouldn't change the behavior of the AutoSSL tools, so that's not something I'd recommend. The timing of it working after the reboot is purely a coincidence.
I'm having the same problem too, in all my cPanel servers.
The “cPanel (powered by Sectigo)” provider cannot currently accept incoming requests. The system will try again later.
I had to develop a script to check all SSL's once a day, because I had 2 websites offline (clients) due to expired certificate.
The “cPanel (powered by Sectigo)” provider cannot currently accept incoming requests. The system will try again later.
I had to develop a script to check all SSL's once a day, because I had 2 websites offline (clients) due to expired certificate.
Let's be frank... the cPanel licenses increased significantly over the last year or two... and you took your profits. That's fine.
However, there is an implicit agreement here, and that is that providing SSL certificates is part of that arrangement. You now have an issue with a partner in YOUR agreement... and they are apparently having trouble fulfilling their responsibilities.... which is leaving cPanel having difficulty fulfilling their duty to those of us who purchased licenses.
"...exploring multiple options for the future at this point" is not a reassuring comment on how you plan to address this serious failure in the product's performance. It does appear to me, at least, that cPanel is taking this matter rather casually right now... not at all as seriously as they regarded their need to increase prices.
Is your position one of "too bad... wait it out"... because we have little choice? If I might suggest, cPanel should get on the ball, issue an official statement, and reassure those of us who have paid for the service that you are working diligently on a rapid solution to a serious problem.
My direct financial relationship in this situation is with my server provider, not cPanel, so I will be putting the heat on them which I'm trusting they will pass on to cPanel.... and which every server provider using cPanel should be doing.
It is unsettling to read the forum comments on this serious failure of service... and find that it does not appear to be regarded as such by cPanel. It certainly makes evident the dangers of a lack of competition.
With all due respect... I love your software and how much easier it makes my day when it comes to managing our server group.,,, and I accepted the price increases w/o complaint, all things considered.
Please don't now start leaving me with questions regarding your concern for your responsibility to fix this issue... and fix it quickly.
However, there is an implicit agreement here, and that is that providing SSL certificates is part of that arrangement. You now have an issue with a partner in YOUR agreement... and they are apparently having trouble fulfilling their responsibilities.... which is leaving cPanel having difficulty fulfilling their duty to those of us who purchased licenses.
"...exploring multiple options for the future at this point" is not a reassuring comment on how you plan to address this serious failure in the product's performance. It does appear to me, at least, that cPanel is taking this matter rather casually right now... not at all as seriously as they regarded their need to increase prices.
Is your position one of "too bad... wait it out"... because we have little choice? If I might suggest, cPanel should get on the ball, issue an official statement, and reassure those of us who have paid for the service that you are working diligently on a rapid solution to a serious problem.
My direct financial relationship in this situation is with my server provider, not cPanel, so I will be putting the heat on them which I'm trusting they will pass on to cPanel.... and which every server provider using cPanel should be doing.
It is unsettling to read the forum comments on this serious failure of service... and find that it does not appear to be regarded as such by cPanel. It certainly makes evident the dangers of a lack of competition.
With all due respect... I love your software and how much easier it makes my day when it comes to managing our server group.,,, and I accepted the price increases w/o complaint, all things considered.
Please don't now start leaving me with questions regarding your concern for your responsibility to fix this issue... and fix it quickly.
Last edited:
For what it's worth, I am a loooooong time user of cPanel and more recently WHM, I host 300+ websites and yes I do get this issue too and it can be frustrating, however I just sit and try again and after 4 or 5 attempts it goes through, it's not a massive issue. Some people above venting their anger and frustration, and that's fine, but i'd understand this more if AutoSSL just didn't work full stop, that's not the case, it does work, you just have to be a bit persistent until the issue is resolved.
Keep up the good work cPanel!
Keep up the good work cPanel!
Interesting.... why would one have to be persistent if the process was working automatically?
As you stated... you have to manually try again 4 or 5 times.... that is not auto. My experience has been similar... I have to retrigger the renewal a few times manually. However, until this started to happen repeatedly... I was not even aware that it was the problem or that there was even a suggestion on how to mitigate for now. I had to wait for clients to tell me their sites were having SSL issues.
I totally understand the difficulties suppliers face on the net... it's the lack of communication with customers on these issues that results in the frustration and venting you noted. The old days of "saving face" have no place in this digital environment, nor does a "need to know" policy.
And on the other hand... any customer who believes there should never be any problems is just as naive,
If I have a server go down, I notify my user base... give a short explanation of the issue if possible, give them an ETA (or even an "I don't know right now")... and then let them know as soon as things are back up. Sure, some are still upset... but they are informed.
My server provider did contact cPanel and then got back to me.. excellent,
The cPanel rep relayed an explanation of the issue to the best of his ability... that a limit had been imposed by Sectigo (apparently there are articles on this?) and that he was currently unable to find exactly what was being done about it (if anything at all) right now.
That's honest... and I guess explains the "...exploring multiple options for the future at this point..." statement.
Your simple suggestion of manually retrying the update a few times to get the new cert installed was more informative than anything coming out of the supply chain. Thank-you.
So again.... communication.
As you stated... you have to manually try again 4 or 5 times.... that is not auto. My experience has been similar... I have to retrigger the renewal a few times manually. However, until this started to happen repeatedly... I was not even aware that it was the problem or that there was even a suggestion on how to mitigate for now. I had to wait for clients to tell me their sites were having SSL issues.
I totally understand the difficulties suppliers face on the net... it's the lack of communication with customers on these issues that results in the frustration and venting you noted. The old days of "saving face" have no place in this digital environment, nor does a "need to know" policy.
And on the other hand... any customer who believes there should never be any problems is just as naive,
If I have a server go down, I notify my user base... give a short explanation of the issue if possible, give them an ETA (or even an "I don't know right now")... and then let them know as soon as things are back up. Sure, some are still upset... but they are informed.
My server provider did contact cPanel and then got back to me.. excellent,
The cPanel rep relayed an explanation of the issue to the best of his ability... that a limit had been imposed by Sectigo (apparently there are articles on this?) and that he was currently unable to find exactly what was being done about it (if anything at all) right now.
That's honest... and I guess explains the "...exploring multiple options for the future at this point..." statement.
Your simple suggestion of manually retrying the update a few times to get the new cert installed was more informative than anything coming out of the supply chain. Thank-you.
So again.... communication.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| E | “cpanellogd.lock” is not a valid service name. | Server Management | 1 |
| Similar threads |
|---|
| “cpanellogd.lock” is not a valid service name. |