First, verify that the Tweak Setting "Allow cPanel users to install SSL Hosts" is enabled:
- 1. Log in to WHM as root
- 2. Navigate to the Tweak Settings page via the sidebar
- 3. Use the search box in the top right of the Tweak Settings page to find the required setting
- 4. Set the value to "Enabled."
- 5. Scroll to the bottom of the page and click "Save."
If this setting was previously disabled, rerun AutoSSL now. A new certificate will install if no issues remain.
If this setting was previously enabled, or if there is no change in certificate coverage, please check the AutoSSL logs for DNS issues.
- 1. Log into WHM as root.
- 2. Use the sidebar to navigate to "Manage AutoSSL."
- 3. Click the "Logs" tab.
- 4. Ensure the newest log is selected, then click "View Log."
If you see lines in this log similar to the following:
WARN Local HTTP DCV error (subdomain.example.com): "subdomain.example.com" does not resolve to any IP addresses on the internet.
[WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID XXXXX) The system queried for a temporary file at "http://subdomain.example.com/X.txt", but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.
then you must ensure that either DNS records for this domain are correct, or you must exclude the domain from AutoSSL.
You can exclude specific subdomains from the SSL/TLS Status page in cPanel