The cPanel Store is processing the hostname certificate request

[bmango]

Everyday I am receiving about two emails which say:

The cPanel Store is processing the hostname certificate request.

The system will check the cPanel Store again the next time that “/usr/local/cpanel/bin/checkallsslcerts” runs.

The title for the email is:

Output from your job 575

Although the job number changes. Can anyone tell me how to stop these emails? I checked the crontab and have set all outputs to > /dev/null 2>&1, so it doesn't seem to be originating from here.

I saw one link when researching this topic which suggested going to the Manage2 dashboard, but I didn't even know I had a Manage2 account and have no idea what my login details would be.

 

[cPWilliamL]

Hi bmango,

The cPanel Store is processing the hostname certificate request.

The SSL email is being generated from the nightly maintenance, which runs as a part of the daily update cron job. It sounds like your hostname SSL CRT is about to expire. From the output, it has been validated locally but is still pending external verification. Have you confirmed your hostname currently resolves and that there aren't any firewall blocks that could be preventing the external validation? The DCV files should be located at '/var/www/html/.well-known/pki-validation/'. You can pick one of the DCV files, and test validation by curling it with your hostname:

# ls /var/www/html/.well-known/pki-validation/
00A00C268912E85EDEE2A77EB55CBBB0.txt  6950719DCF6FC36E459D2939FED3DC10.txt  B36B813F766705ECB1188E5E195CBA11.txt
02C45FD1AEC157354CA43F27D885DE6D.txt  6ACC2ED0348359598502155AC323810F.txt  B8920E51603535609E3C9926454F6378.txt

# curl -sI "<hostname>.<tld>/.well-known/pki-validation/00A00C268912E85EDEE2A77EB55CBBB0.txt"
HTTP/1.1 200 OK
Date: Mon, 16 Oct 2017 12:29:30 GMT
Server: Apache
Last-Modified: Wed, 06 Sep 2017 20:38:21 GMT
Accept-Ranges: bytes
Content-Length: 77
Content-Type: text/plain

Output from your job 575

This could be coming from a large range of cron jobs as this is generic for any cron job that produces output. Is there no other information in the email? If not, you may need to correlate the time of the email with the cron log at '/var/log/cron'.

 

[bmango]

Thanks very much for your reply.

I checked the location of the DCV files and they seem to be at /usr/local/apache/htdocs. I tried using curl and got the following output:

curl -sI "<redacted>/8CC24C30E69EDEA83F9758CA8549A636.txt"
HTTP/1.1 200 OK
Date: Tue, 17 Oct 2017 11:05:47 GMT
Server: Apache
Last-Modified: Sat, 14 Oct 2017 22:35:59 GMT
Accept-Ranges: bytes
Content-Length: 53
Content-Type: text/plain

I think the firewall may be the issue so I have whitelisted the comodo IPs which I found at Free cPanel-Signed Hostname Certificate - cPanel Knowledge Base - cPanel Documentation.

 

[cPWilliamL]

This is not the correct path, which may be why the validation has not completed. Could you confirm your cPanel version? As of 62.0.26, 64.0.32, and 66.0.1, the DCV file should exist in the '/usr/local/apache/htdocs/.well-known/pki-validation' directory for EA3 and '/var/www/html/.well-known/pki-validation' for EA4. If you are not on one of these versions or greater, you'll need to update cPanel so it stores the DCV file in the new path, which was required by Comodo.

 

[bmango]

Thanks again for your reply. In the end I followed the instructions at Free cPanel-Signed Hostname Certificate - cPanel Knowledge Base - cPanel Documentation to disable the requests by adding a file "disable_service_certificate_management" in the /var/cpanel/ssl folder. I also updated the cPanel to the latest version, as mine had not been updated for about 2 years!