Using auto signed SSL instead of self signed for one account

m.eid

Well-Known Member
Jun 4, 2014
55
7
83
Jordan
cPanel Access Level
Root Administrator
Twitter
Hi, I have many of domains hosted on a VPS with WHM where all of them using SSL free from Cpanel powered by Sectigo, but a new domain didn't get it, and didn't ist in manage hosts, so I've tried to generate self signed SSL and checked autoSSL service but returned with this log
Code:
Log for the AutoSSL run for “example”: Wednesday, July 17, 2019 1:51:03 PM GMT+0300 (cPanel (powered by Sectigo))
 1:51:03 PM AutoSSL’s configured provider is “cPanel (powered by Sectigo)”.
 This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log.
 Checking websites for “example” …
 1:51:03 PM Analyzing “example.com” …
 1:51:03 PM ERROR TLS Status: Defective
 Certificate expiry: 7/16/20, 10:49 AM UTC (365 days from now)
 ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL’s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).
 1:51:03 PM Performing DCV (Domain Control Validation) …
 1:51:09 PM Redirection #1 (example.com): http://example.com/.well-known/pki-validation/6DE78F11B9483ED397F98719E9C9A884.txt → https://example.com/.well-known/pki-validation/6DE78F11B9483ED397F98719E9C9A884.txt
 WARN Local HTTP DCV error (example.com): “cPanel (powered by Sectigo)” forbids DCV HTTP redirections.
 1:51:14 PM Redirection #1 (www.example.com): http://www.example.com/.well-known/pki-validation/C04558E8197527B9F1AF5F2830F5F3D5.txt → https://www.example.com/.well-known/pki-validation/C04558E8197527B9F1AF5F2830F5F3D5.txt
 WARN Local HTTP DCV error (www.example.com): “cPanel (powered by Sectigo)” forbids DCV HTTP redirections.
 WARN Local HTTP DCV error (mail.example.com): “mail.example.com” does not resolve to any IP addresses on the internet.
 1:51:21 PM ERROR Local DNS DCV error (example.com): The DNS query to “_cpanel-dcv-test-record.example.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=DPcCcG2xQVbTjetHCm8zCTV7y49NRP1GpSyxmVaBvUDcw30Yn4bUDe2qTM5fQkmn”.
 ERROR Local DNS DCV error (www.example.com): The DNS query to “_cpanel-dcv-test-record.example.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=DPcCcG2xQVbTjetHCm8zCTV7y49NRP1GpSyxmVaBvUDcw30Yn4bUDe2qTM5fQkmn”.
 ERROR Local DNS DCV error (mail.example.com): The DNS query to “_cpanel-dcv-test-record.example.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=DPcCcG2xQVbTjetHCm8zCTV7y49NRP1GpSyxmVaBvUDcw30Yn4bUDe2qTM5fQkmn”.
 1:51:21 PM Analyzing “example.com”’s DCV results …
 1:51:21 PM ERROR Impediment: TOTAL_DCV_FAILURE: Every domain failed DCV.
 1:51:21 PM The system has completed the AutoSSL check for “example”.
Note: domains are hosted by CloudFlare and local DNS is disabled, any suggestions?
 
Last edited by a moderator:

m.eid

Well-Known Member
Jun 4, 2014
55
7
83
Jordan
cPanel Access Level
Root Administrator
Twitter
I've tried to run autossl for all domains since some of them will expired 21-Jul, but all of these domains will expired soon give the same error, that domain doesn't point to this server, is there any suggestions?
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,749
2,205
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @m.eid,

Is CloudFlare configured to redirect or forward all HTTP requests to HTTPS for the affected domain? If so, that's likely what's leading to the AutoSSL DCV failure noted below:

Code:
WARN Local HTTP DCV error (example.tld): “cPanel (powered by Sectigo)” forbids DCV HTTP redirections.
Thank you.