Symptoms
When running AutoSSL, you may receive an error similar to the following:
CONFIG_TEXT: Local HTTP DCV error (www.domain.tld): “www.domain.tld” does not resolve to any IP addresses on the internet.
CONFIG_TEXT: Local HTTP DCV error (domain.tld): The system queried for a temporary file at “http://domain.tld/.well-known/pki-validation/035E09611D59A686B7DBE9F04D597A23.txt”, but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist. The domain “domain.tld” resolved to an IP address “203.0.113.2” that does not exist on this server.
Note: domain.tld and 203.0.113.2 are used as placeholders for the actual domain and IP address in the error.
Cause
This means AutoSSL is having problems resolving a domain to an IP address, either because the domain is not resolving to any IP address or is resolving to an IP address that is not bound to the server. As a result, AutoSSL fails to complete the HTTP DCV (Domain Control Validation) check. AutoSSL is only able to issue SSL certificates for domains that resolve to an IP address on the server.
You can run the following command, either from a different server or your local terminal, to confirm if the domain is resolving to an IP address:
# dig A domain.tld
Resolution
In order to issue an SSL certificate for a domain using AutoSSL, you must point the domain to an IP address that exists on the server and is assigned to the domains cPanel account. In most cases, this can be achieved by updating the domains "A" record for an IPv4 address and "AAAA" record for an IPv6 address.
Note: DNS records must be updated where DNS is hosted for the domain.
Additional Resources
How to find out where a domain's DNS is hosted
Comments
0 comments
Article is closed for comments.