Symptoms
After adding a new domain to a cPanel account, an AutoSSL certificate is not automatically installed on it.
Cause
With the release of cPanel v134.0.3, a unified SSL interface was added to cPanel, combining the SSL/TLS, SSL/TLS Status, and SSL/TLS Wizard interfaces. As part of this update, new domains no longer have a free Let's Encrypt certificate generated for them.
Internal: The default behavior is determined by license type. Currently only cPanel dev licenses should have this enabled.
Resolution
With the unified SSL interface introduced in cPanel v134.0.3, new domains no longer have a Let's Encrypt certificate issued automatically. When setting up SSL for a new domain, cPanel now explicitly prompts the user to review and accept the Let's Encrypt Terms of Service before a certificate can be issued. This ensures users are aware of and consent to the terms before a certificate is generated on their behalf.
Free Let's Encrypt certificates remain available and can be requested via the Wizard tab of the new SSL/TLS Certificates page.
If you would like to restore automatic SSL certificate creation for new domains — effectively accepting the Let's Encrypt Terms of Service on behalf of your users — you can do so by adding the following to your /var/cpanel/panel.ini file (create it if it does not exist):
CONFIG_TEXT: [global]
autossl.exclude_new_domains = false
Note: By configuring this option, you as the hosting provider take responsibility for ensuring that your users are informed of and in agreement with the Let's Encrypt Terms of Service.
Comments
0 comments
Article is closed for comments.