Question
Why is a website using the wrong SSL certificate?
Answer
First, verify that the Tweak Setting Allow cPanel users to install SSL Hosts is enabled:
-
Log in to WHM as
root - Navigate to Home / Server Configuration / Tweak Settings
- Set the Allow cPanel users to install SSL Hosts value to Enabled
- Click Save at the bottom of the page
If this setting was previously disabled, rerun AutoSSL now. A new certificate will be installed if no issues remain.
If this setting was previously enabled, or if there is no change in certificate coverage, please check the AutoSSL logs for DNS issues.
-
Log in to WHM as
root - Navigate to Home / SSL/TLS / Manage AutoSSL
- Click the Logs tab
- Ensure the newest log is selected, then click View Log
If you see lines in this log similar to the following examples:
CONFIG_TEXT: WARN Local HTTP DCV error (subdomain.example.com): "subdomain.example.com" does not resolve to any IP addresses on the internet.
CONFIG_TEXT: [WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID XXXXX) The system queried for a temporary file at "http://subdomain.example.com/X.txt", but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.
you must ensure that either the DNS records for this domain are correct, or you must exclude the domain from AutoSSL.
You can view details on how to exclude domains from AutoSSL here:
There may also be a custom includes file causing the wrong SSL certificate to be used. You will want to review any customizations within /etc/apache2/conf.d/userdata/ to see if they're responsible.
Comments
0 comments
Article is closed for comments.