ERROR SSL INSTALL: TLS Status: Defective
Hi. I've tried installing Auto SSL on Cpanel for my domain.
The process has been in the pending list for a long time. When I checked the logs, I see this error:
12:26:44 PM ERROR TLS Status: Defect
ERROR Defect: NO_SSL: No SSL certificate is installed.
See the screenshot.
Any suggestion?
Thank you in advance.
-
Hi @marcelo falcao Based on the screenshot you've provided it appears that the SSL certificate is waiting to be processed. What is the output you get when running the following: /usr/local/cpanel/bin/autossl_check_cpstore_queue --force
Thanks!0 -
Hi! Thanks, but i receive this message: Polling for "username"s new certificate for "domain.com.br" (order item ID "1234567") " The certificate is not available. (processing) 0 -
Hi @marcelo falcao The Order Item ID was edited to not contain personally identifying information but in viewing the pre-edit version I looked up the certificate and found that it is not passing the DCV check due to the following: Action: CNAME @192.168.XXX.181 _5851163161427c1308bab4dc0a2e8980.domain.com.br. Outcome: read udp 192.168.XXX.61:45077->192.168.XXX.181:53: i/o timeout Status: ERROR Action: CNAME @192.168.XXX.182 _5851163161427c1308bab4dc0a2e8980.domain.com.br. Outcome: read udp 192.168.XXX.61:56422->192.168.XXX.182:53: i/o timeout Status: ERROR Action: GET http://domain.com.br/.well-known/pki-validation/hash.txt Outcome: Get http://domain.com.br/.well-known/pki-validation/hash.txt: dial tcp: lookup domain.com.br on 10.255.XXX.2:53: read udp 192.168.XXX.61:42699->10.255.XX.2:53: i/o timeout Status: FAILED
Note that all IP's listed are internal IP addresses. It would seem that you're NAT routing has a misconfiguration. I'm also not able to query your domain's IP address:$ dig a domain.com.br ; <<>> DiG 9.10.6 <<>> a domain.com.br ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 5395 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1280 ;; QUESTION SECTION: ;domain.com.br. IN A ;; Query time: 2 msec ;; SERVER: 208.74.121.50#53(208.74.121.50) ;; WHEN: Mon Jul 23 07:36:59 CDT 2018 ;; MSG SIZE rcvd: 49
Please note that I used your actual domain for this. I also looked up the domain's nameservers which also don't resolve. Our documentation on NAT configurations may be helpful 1:1 NAT - Version 72 Documentation - cPanel Documentation if you've exhausted the options within the documentation and your domain still does not resolve you would need to contact your provider for further assistance. Thanks!0
Please sign in to leave a comment.
Comments
3 comments