Could not renew the SSL certificate

psytanium

July 03, 2019 12:15

Hi, I keep receiving a remote mail from my server with those explanations :


AutoSSL did not renew the certificate for "addondomain.example.com". You must take action to keep this site secure.

The "cPanel" AutoSSL provider could not renew the SSL certificate without a reduction of coverage because of the following problems:

DNS DCV: The DNS query to "_cpanel-dcv-test-record.example.org" for the DCV challenge returned no "TXT" record that matches the value "_cpanel-dcv-test-record=Jk0kkYWHa_34DGPhXlYIk0PqS8qDcwp2W45LedGpp_GFVpiNbPVyjv80bWMyxL1H".; HTTP DCV: The system queried for a temporary file at "http://cpanel.example.org/.well-known/pki-validation/E1A574304E7DD8B0D202E7FD8D78E10B.txt", but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist. The domain "cpanel.example.org" resolved to an IP address "160.153.xxx.xx" that does not exist on this server.

I checked the log in Manage Auto SSL, its all fine, no errors.

Comments

15 comments

cPanelLauren

July 05, 2019 19:33
The domain "cpanel.example.org" resolved to an IP address "160.153.xxx.xx" that does not exist on this server.

This seems to indicate that there was an issue in which the domain points to another IP address which doesn't belong to the server.
0
psytanium

July 06, 2019 15:25
But the server IP address is "160.153.xxx.xx"
0
cPanelLauren

July 08, 2019 14:18
Do you by chance have a NAT routed configuration on the server?
0
psytanium

July 09, 2019 11:03
I don't know but I don't think I configured a NAT.
0
psytanium

July 09, 2019 11:15
I checked the Auto SSL log, this is the result: Log for the AutoSSL run for "username": Tuesday, July 9, 2019 2:12:55 PM GMT+0300 (cPanel (powered by Sectigo)) 2:12:55 PM AutoSSL"s configured provider is "cPanel (powered by Sectigo)". This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log. Checking websites for "username" " 2:12:55 PM Analyzing "emirates*******.ae.example.com" " 2:12:55 PM SUCCESS TLS Status: OK Certificate expiry: 8/12/19, 12:00 AM UTC (33.53 days from now) 2:12:55 PM Analyzing "emirates******.com.example.com" " 2:12:55 PM SUCCESS TLS Status: OK Certificate expiry: 8/12/19, 12:00 AM UTC (33.53 days from now) 2:12:55 PM Analyzing "example.com" " 2:12:55 PM SUCCESS TLS Status: OK Certificate expiry: 8/9/19, 12:00 AM UTC (30.53 days from now) 2:12:55 PM Analyzing "khayrat********.com.example.com" " 2:12:55 PM SUCCESS TLS Status: OK Certificate expiry: 8/12/19, 12:00 AM UTC (33.53 days from now) 2:12:55 PM Analyzing "samaal*****.example.com" " 2:12:55 PM SUCCESS TLS Status: OK Certificate expiry: 8/30/19, 12:00 AM UTC (51.53 days from now) 2:12:55 PM The system has completed the AutoSSL check for "username".
0
cPanelLauren

July 09, 2019 15:00
All of the sites listed here have a valid certificate which does not expire for at least 30 days, I'm not seeing further errors.
0
nixuser

July 09, 2019 15:05
I checked the Auto SSL log, this is the result:

there are no errors related to ssl certs in those logs.
0
psytanium

July 09, 2019 16:22
Those are subdomains. The posted result is the check up log of only the main domain example.com, all others are subdomains. Why I'm receiving emails telling me : AutoSSL did not renew the certificate for "sama*******.example.com" ?
0
nixuser

July 09, 2019 17:24
In the logs, it says: Certificate expiry: 8/12/19, 12:00 AM UTC (33.53 days from now) 2:12:55 PM Analyzing "samaal*****.example.com" " 2:12:55 PM SUCCESS TLS Status: OK Is ssl working on that subdomain?
0
cPanelLauren

July 09, 2019 17:29
That says it is, TLS Status: OK indicates that you have an SSL and it also indicates at the top that the SSL you do have doesn't expire for 33.53 days.
0
psytanium

July 09, 2019 17:54
Exactly, I know, the log indicate everything is fine with this domain and addon domains. But why receiving this notification email ?
0
nixuser

July 09, 2019 18:13
What did the latest email say? Is it the same as before? It will be helpful if you paste the content here. Or open a ticket with cpanel?
0
cPanelLauren

July 09, 2019 18:45
I thought the output of the logs was something that was subsequent of the initial error you posted. If the domain is still not secured and that is your IP address I'd suggest opening a ticket so we can look further into this. Can you please open a ticket using the link in my signature? Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved. Thanks!
0
psytanium

July 09, 2019 18:46
Oh I noticed something, the notification is coming from the old server where the domain name was previously hosted. Really sorry.. Thanks anyway
0
nixuser

July 09, 2019 19:21
Oh I noticed something, the notification is coming from the old server where the domain name was previously hosted. Really sorry.. Thanks anyway

glad that it was sorted out. :)
0

Please sign in to leave a comment.

Comments

Didn't find what you were looking for?