Using auto signed SSL instead of self signed for one account

m.eid

Well-Known Member
Jun 4, 2014
54
6
83
Jordan
cPanel Access Level
Root Administrator
Twitter
Hi, I have many of domains hosted on a VPS with WHM where all of them using SSL free from Cpanel powered by Sectigo, but a new domain didn't get it, and didn't ist in manage hosts, so I've tried to generate self signed SSL and checked autoSSL service but returned with this log
Code:
Log for the AutoSSL run for “example”: Wednesday, July 17, 2019 1:51:03 PM GMT+0300 (cPanel (powered by Sectigo))
 1:51:03 PM AutoSSL’s configured provider is “cPanel (powered by Sectigo)”.
 This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log.
 Checking websites for “example” …
 1:51:03 PM Analyzing “example.com” …
 1:51:03 PM ERROR TLS Status: Defective
 Certificate expiry: 7/16/20, 10:49 AM UTC (365 days from now)
 ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL’s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).
 1:51:03 PM Performing DCV (Domain Control Validation) …
 1:51:09 PM Redirection #1 (example.com): http://example.com/.well-known/pki-validation/6DE78F11B9483ED397F98719E9C9A884.txt → https://example.com/.well-known/pki-validation/6DE78F11B9483ED397F98719E9C9A884.txt
 WARN Local HTTP DCV error (example.com): “cPanel (powered by Sectigo)” forbids DCV HTTP redirections.
 1:51:14 PM Redirection #1 (www.example.com): http://www.example.com/.well-known/pki-validation/C04558E8197527B9F1AF5F2830F5F3D5.txt → https://www.example.com/.well-known/pki-validation/C04558E8197527B9F1AF5F2830F5F3D5.txt
 WARN Local HTTP DCV error (www.example.com): “cPanel (powered by Sectigo)” forbids DCV HTTP redirections.
 WARN Local HTTP DCV error (mail.example.com): “mail.example.com” does not resolve to any IP addresses on the internet.
 1:51:21 PM ERROR Local DNS DCV error (example.com): The DNS query to “_cpanel-dcv-test-record.example.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=DPcCcG2xQVbTjetHCm8zCTV7y49NRP1GpSyxmVaBvUDcw30Yn4bUDe2qTM5fQkmn”.
 ERROR Local DNS DCV error (www.example.com): The DNS query to “_cpanel-dcv-test-record.example.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=DPcCcG2xQVbTjetHCm8zCTV7y49NRP1GpSyxmVaBvUDcw30Yn4bUDe2qTM5fQkmn”.
 ERROR Local DNS DCV error (mail.example.com): The DNS query to “_cpanel-dcv-test-record.example.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=DPcCcG2xQVbTjetHCm8zCTV7y49NRP1GpSyxmVaBvUDcw30Yn4bUDe2qTM5fQkmn”.
 1:51:21 PM Analyzing “example.com”’s DCV results …
 1:51:21 PM ERROR Impediment: TOTAL_DCV_FAILURE: Every domain failed DCV.
 1:51:21 PM The system has completed the AutoSSL check for “example”.
Note: domains are hosted by CloudFlare and local DNS is disabled, any suggestions?
 
Last edited by a moderator:

m.eid

Well-Known Member
Jun 4, 2014
54
6
83
Jordan
cPanel Access Level
Root Administrator
Twitter
I've tried to run autossl for all domains since some of them will expired 21-Jul, but all of these domains will expired soon give the same error, that domain doesn't point to this server, is there any suggestions?
 

m.eid

Well-Known Member
Jun 4, 2014
54
6
83
Jordan
cPanel Access Level
Root Administrator
Twitter
I've tried to disable proxy over CloudFlare (Orange Cloud Icon) and it works well to renew SSL, is there any way to override this rather than do it every time need to renew SSL?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,910
2,212
363
Hello @m.eid,

Is CloudFlare configured to redirect or forward all HTTP requests to HTTPS for the affected domain? If so, that's likely what's leading to the AutoSSL DCV failure noted below:

Code:
WARN Local HTTP DCV error (example.tld): “cPanel (powered by Sectigo)” forbids DCV HTTP redirections.
Thank you.