Renewing Externally Signed Certificate Question

knightmare

• July 30, 2018 02:26

Hello , I am using centos . I was installed WHM/cpanel on centos . I want to renew autossl certificate so tell me how to renew autossl certificate ?

• 

  Shood

  • July 30, 2018 09:05

  So you have an SSL certificate installed on your server and you asking about AutoSSL? If your certificate is issued by cPanel inc itself, AutoSSL will attempts to renew it within 15 days of expiration, if you'd like to know your AutoSSL situation browse to WHM -> SSL/TLS ->Manage AutoSSL, there you can see all included/excluded users from AutoSSL, also in Logs tab you can look for the AutoSSL run for all users

  0
• 

  vacancy

  • July 30, 2018 09:56

  Renewal is done automatically for 15 days before the certificate expires. Your cpanel license must be active for renewal to be available.

  0
• 

  knightmare

  • July 30, 2018 10:26

  Hello , Logs tab gave me this , 12:35:09 PM AutoSSL"s configured provider is "cPanel (powered by Comodo)". Checking websites for "domain" " 12:35:09 PM Checking "domain.com" " 12:35:09 PM ERROR TLS Status: Defective ERROR Certificate expiry: 4/19/18, 1:55 PM UTC (101.71 days ago) ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL"s verification (0:10:CERT_HAS_EXPIRED). Issuer: commonName=Let's Encrypt Authority X3, organizationName=Let's Encrypt, countryName=US Impediment: CERTIFICATE_IS_EXTERNALLY_SIGNED: The certificate is neither self-signed nor from AutoSSL.

  0
• 

  sli.studios

  • July 31, 2018 12:15

  ***THIS IS A PRESUMPTION, NOT A VALIDATED SOLUTION AS I AM ABOUT TO TRY THE SAME THING**** Hello @knightmare, as @Shood mentioned, you'll need to get into WHM to change the setting..

  • Again, go to: WHM -> SSL/TLS ->Manage AutoSSL
  • Under the [OPTIONS] tab, Check the box next to "[?] Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates."
    • According to the Bright Yellow warning message below this option, it will Override any installed Certificates that are expiring, expired or insufficient (attachment). (if you have a valid EV or OV cert installed, go into cPanel > SSL/TLS Status and Exclude from AutoSSL the domain the valid certificate applies to)
  • Under the [Manage Users] tab, Select the radio button next to (") Enable AutoSSL for the user(s) you would like AutoSSL to run for
  • Click the (Run AutoSSL for All Users) button

  Give this a try and see if it works for you. --- Alternatively, delete the existing certificate from the server and run AutoSSL for the domains. Might be overkill, but sometimes it's good to start fresh. (be sure to download the previous Certificate just in-case)

  0
• 

  cPanelMichael

  • July 31, 2018 18:31

  :35:09 PM ERROR TLS Status: Defective ERROR Certificate expiry: 4/19/18, 1:55 PM UTC (101.71 days ago) ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL"s verification (0:10:CERT_HAS_EXPIRED). Issuer: commonName=Let's Encrypt Authority X3, organizationName=Let's Encrypt, countryName=US Impediment: CERTIFICATE_IS_EXTERNALLY_SIGNED: The certificate is neither self-signed nor from AutoSSL.

  
  Hello @knightmare, The information in the previous post is correct. Let us know if that helps. Thank you.

  0
• 

  knightmare

  • August 01, 2018 12:20

  Hello , Thank you :D

  0
• 

  jessicarose

  • August 29, 2019 21:06

  Did that solution work for you? It did not for me... My issue was that the two domains were set up as the primary domain and an alias. This is an issue because both domain by default will connect to the /public_html directory. To correct this I removed the alias and added it as an addon domain. Now my primary domain has a third party SSL Certificate and the addon domain has the autossl installed. I hope this helps.

  0

Please sign in to leave a comment.