Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

The cPanel Store is processing the hostname certificate request

Discussion in 'Security' started by bmango, Oct 16, 2017.

  1. bmango

    bmango Member

    Joined:
    Jan 31, 2016
    Messages:
    5
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Everyday I am receiving about two emails which say:

    The cPanel Store is processing the hostname certificate request.

    The system will check the cPanel Store again the next time that “/usr/local/cpanel/bin/checkallsslcerts” runs.

    The title for the email is:

    Output from your job 575

    Although the job number changes. Can anyone tell me how to stop these emails? I checked the crontab and have set all outputs to > /dev/null 2>&1, so it doesn't seem to be originating from here.

    I saw one link when researching this topic which suggested going to the Manage2 dashboard, but I didn't even know I had a Manage2 account and have no idea what my login details would be.
     
  2. cPWilliamL

    cPWilliamL cP Technical Analyst II
    Staff Member

    Joined:
    May 15, 2017
    Messages:
    257
    Likes Received:
    29
    Trophy Points:
    103
    Location:
    America
    cPanel Access Level:
    Root Administrator
    Hi bmango,

    The SSL email is being generated from the nightly maintenance, which runs as a part of the daily update cron job. It sounds like your hostname SSL CRT is about to expire. From the output, it has been validated locally but is still pending external verification. Have you confirmed your hostname currently resolves and that there aren't any firewall blocks that could be preventing the external validation? The DCV files should be located at '/var/www/html/.well-known/pki-validation/'. You can pick one of the DCV files, and test validation by curling it with your hostname:
    Code:
    # ls /var/www/html/.well-known/pki-validation/
    00A00C268912E85EDEE2A77EB55CBBB0.txt  6950719DCF6FC36E459D2939FED3DC10.txt  B36B813F766705ECB1188E5E195CBA11.txt
    02C45FD1AEC157354CA43F27D885DE6D.txt  6ACC2ED0348359598502155AC323810F.txt  B8920E51603535609E3C9926454F6378.txt
    
    # curl -sI "<hostname>.<tld>/.well-known/pki-validation/00A00C268912E85EDEE2A77EB55CBBB0.txt"
    HTTP/1.1 200 OK
    Date: Mon, 16 Oct 2017 12:29:30 GMT
    Server: Apache
    Last-Modified: Wed, 06 Sep 2017 20:38:21 GMT
    Accept-Ranges: bytes
    Content-Length: 77
    Content-Type: text/plain
    This could be coming from a large range of cron jobs as this is generic for any cron job that produces output. Is there no other information in the email? If not, you may need to correlate the time of the email with the cron log at '/var/log/cron'.
     
  3. bmango

    bmango Member

    Joined:
    Jan 31, 2016
    Messages:
    5
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Thanks very much for your reply.

    I checked the location of the DCV files and they seem to be at /usr/local/apache/htdocs. I tried using curl and got the following output:

    Code:
    curl -sI "<redacted>/8CC24C30E69EDEA83F9758CA8549A636.txt"
    HTTP/1.1 200 OK
    Date: Tue, 17 Oct 2017 11:05:47 GMT
    Server: Apache
    Last-Modified: Sat, 14 Oct 2017 22:35:59 GMT
    Accept-Ranges: bytes
    Content-Length: 53
    Content-Type: text/plain
    I think the firewall may be the issue so I have whitelisted the comodo IPs which I found at Free cPanel-Signed Hostname Certificate - cPanel Knowledge Base - cPanel Documentation.
     
    #3 bmango, Oct 17, 2017
    Last edited by a moderator: Oct 18, 2017
  4. cPWilliamL

    cPWilliamL cP Technical Analyst II
    Staff Member

    Joined:
    May 15, 2017
    Messages:
    257
    Likes Received:
    29
    Trophy Points:
    103
    Location:
    America
    cPanel Access Level:
    Root Administrator
    This is not the correct path, which may be why the validation has not completed. Could you confirm your cPanel version? As of 62.0.26, 64.0.32, and 66.0.1, the DCV file should exist in the '/usr/local/apache/htdocs/.well-known/pki-validation' directory for EA3 and '/var/www/html/.well-known/pki-validation' for EA4. If you are not on one of these versions or greater, you'll need to update cPanel so it stores the DCV file in the new path, which was required by Comodo.
     
  5. bmango

    bmango Member

    Joined:
    Jan 31, 2016
    Messages:
    5
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Infopro likes this.
Loading...

Share This Page