Skip to main content
We are aware of an issue with a recent Apache update that causes proxied sites to return a "421 Misdirected Request" error. Please see the following article for more information and updates:
Websites show 421 Misdirected Request error while using EA Nginx

AutoSSL Renewal Issues

Scott Greczkows
Not sure what changed, but I am getting errors on my server on all the domains on the server when I try (or it runs on its own) to update the autoSSL certificates for all domains on the machine. I have searched for answers and have not found a solution. I do not have IPV6 enabled on the server, nor is there a .htaccess redirect to SSL only... however I do notice when I go to an unsecure site it takes me to the secure site, so there is a redirect happening somewhere. In this example I have a domain of example.com which is an email only account, if I go to http://www.example.com
it takes me to his index.html homepage. (and that is the only file in there for that site.) there is no .htaccess file or anything... yet when I go to the website it takes me to the https version of the site. When the certificate tries renewing on this site (or ANY site hosted on this server I am getting the following errors... Log for the AutoSSL run for "example": Friday, May 24, 2019 10:36:59 AM GMT-0400 (cPanel (powered by Sectigo)) 10:36:59 AM AutoSSL"s configured provider is "cPanel (powered by Sectigo)". This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log. Checking websites for "example" " 10:36:59 AM Analyzing "example.com" " 10:36:59 AM TLS Status: Ready for Renewal WARN Certificate expiry: 5/31/19, 12:00 AM UTC (6.39 days from now) 10:36:59 AM Performing DCV (Domain Control Validation) " 10:36:59 AM WARN Local HTTP DCV error (example.com): An internal error occurred. Check the system log. (XID: mtzj8k) WARN Local HTTP DCV error (http://www.example.com): An internal error occurred. Check the system log. (XID: 57fnt8) WARN Local HTTP DCV error (mail.example.com): An internal error occurred. Check the system log. (XID: 63tq66) 10:37:06 AM ERROR Local DNS DCV error (example.com): The DNS query to "_cpanel-dcv-test-record.example.com" for the DCV challenge returned no "TXT" record that matches the value "_cpanel-dcv-test-record=0iurcV04P0tQFRxqAj2ruVfbLYCPcuJQ_oTnzwMBNAgtd5NifiTL6VeAG5zilnCh". ERROR Local DNS DCV error (http://www.example.com): The DNS query to "_cpanel-dcv-test-record.exmple.com" for the DCV challenge returned no "TXT" record that matches the value "_cpanel-dcv-test-record=0iurcV04P0tQFRxqAj2ruVfbLYCPcuJQ_oTnzwMBNAgtd5NifiTL6VeAG5zilnCh". ERROR Local DNS DCV error (mail.example.com): The DNS query to "_cpanel-dcv-test-record.example.com" for the DCV challenge returned no "TXT" record that matches the value "_cpanel-dcv-test-record=0iurcV04P0tQFRxqAj2ruVfbLYCPcuJQ_oTnzwMBNAgtd5NifiTL6VeAG5zilnCh". 10:37:06 AM Analyzing "example.com""s DCV results " 10:37:06 AM ERROR Impediment: TOTAL_DCV_FAILURE: Every domain failed DCV. 10:37:06 AM The system has completed the AutoSSL check for "example".
Any idea why this is happening? We have not changed anything and autoSSL renewal before always worked flawlessly. Thanks

Comments

9 comments

Date Votes
  • cPanelLauren
    Hi @Scott Greczkows Have you added an forced redirect to https? I was able to see the pre-edit version of the post prior to the domain name removal and when I run the following I show it's being redirected to https which would cause a failure on the DCV: curl -kvv domain.tld
    0
  • Scott Greczkows
    It does seem to be getting force redirected from http to https but I can't figure out where as there is now .htaccess file which is where I have put forced redirects for other domains on the server. But this domain has nothing. This server is running apache. Thanks
    0
  • cPanelLauren
    Hi @Scott Greczkows Are you using a CMS like WordPress? These are actually manageable through the WordPress Dashboard as well as through an .htaccess file.
    0
  • Scott Greczkows
    Nope... the entire directory is empty except for a simple html file. I can not figure out where the redirect is coming from. Its driving me nuts. [root@vps public_html]# curl -kvv domain.com * About to connect() to domain.com port 80 (#0) * Trying ... connected * Connected to domain.com () port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: domain.com > Accept: */* > < HTTP/1.1 301 Moved Permanently < Date: Fri, 24 May 2019 16:58:01 GMT < Server: Apache < Location: Untitled Document < Content-Length: 230 < Content-Type: text/html; charset=iso-8859-1 < 301 Moved Permanently

    Moved Permanently

    The document has moved here.

    * Connection #0 to host domain.com left intact * Closing connection #0
    ***EDITED*** to remove domain names/IP address and add code blocks
    0
  • Scott Greczkows
    Cant figure out why this domain is auto redirected to ssl. There is no .htaccess and in the channel Force HTTPS is off. I am pulling my hair out here (what is left of it) :D
    0
  • cPanelLauren
    Hi @Scott Greczkows There is also the possibility that there is a VirtualHost entry in the Apache configuration that's doing this. You would need to check in WHM>>Service Configuration>>Apache Configuration -> Include Editor or the domain-specific include. The documentation on this may be helpful for locations to check: Modify Apache Virtual Hosts with Include Files - EasyApache 4 - cPanel Documentation Thanks!
    0
  • Scott Greczkows
    Nope all empty in there... I am stumped. I just put in a ticket. support request ID: 12387795 as I am going on vacation and this SSL expires while I am away. Spent a few hours on this already... I do thank you for your help... this should have been an easy one. And its only on this domain which is so strange.
    0
  • cPanelLauren
    Hi @Scott Greczkows That was going to be my next suggestion as well! I'll take a look at the ticket and update here when it's complete. Thanks!
    0
  • cPanelLauren
    Hi @Scott Greczkows I took a quick look at the home directory for the user and found that there is an .htaccess in place and the only thing inside it is a redirect to https: [14:03:33 vps root@12387795 /home/$youruser/public_html]cPs# cat .htaccess RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post