Symptoms
After running the autossl_check script or running the AutoSSL from the WHM/cPanel GUI interfaces for any specific domain you might come across these errors in either AutoSSL's error logs or on the screen:
Local HTTP DCV error (www.foo.com): “www.foo.bar” does not resolve to any IP addresses on the internet.
Local HTTP DCV error (foo.com): The system queried for a temporary file at “http://foo.com/.well-known/pki-validation/035E09611D59A686B7DBE9F04D597A23.txt”, but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist. The domain “foo.com” resolved to an IP address “172.16.1.17” that does not exist on this server.
Please refer to this link from our official documentation for more information on the autossl_check script:
https://docs.cpanel.net/whm/scripts/the-autossl_check-script/
Description
This means AutoSSL is having problems resolving the IP of a domain back to the server, either because the domain is not resolving to any IPs or it is resolving to an IP that is not bound to the server and as a result, AutoSSL fails to complete the HTTP DCV validation step. You can confirm that by running this command: (Replace foo.com with your domain)
dig +short foo.com
Or alternatively by using an online tool similar to this:
https://intodns.com/
If you see no IP or an unfamiliar IP that does not exist on the server then that means the DNS value for the domain needs to be updated first, otherwise, AutoSSL will not be able to issue an SSL certificate.
Workaround
The DNS record for the domain must be updated with the current IP of the server. You can update the DNS value for a zone/domain form the authoritative name servers for that domain.