ERROR Defect: CERT_HAS_EXPIRED, but AutoSSL is not creating a new cert.
Log for the AutoSSL run for "domain": Wednesday, February 26, 2020 10:08:33 AM GMT-0500 (cPanel (powered by Sectigo))
10:08:33 AM AutoSSL"s configured provider is "cPanel (powered by Sectigo)".
This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log.
Analyzing "domain""s domains "
10:08:33 AM Analyzing "domain.com" "
10:08:33 AM ERROR TLS Status: Defective
ERROR Certificate expiry: 5/28/19, 12:00 AM UTC (274.63 days ago)
ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL"s verification (0:10:CERT_HAS_EXPIRED).
10:08:34 AM Attempting to ensure the existence of necessary CAA records "
10:08:34 AM No CAA records were created.
10:08:34 AM Verifying 8 domains" DNS management "
Verifying "cPanel (powered by Sectigo)""s authorization on 8 domains via DNS CAA records "
10:08:34 AM DNS manages "www.domain.com".
CA authorized: "domain.com"
CA authorized: "cpanel.domain.com"
CA authorized: "mail.domain.com"
CA authorized: "webmail.domain.com"
CA authorized: "cpcontacts.domain.com"
CA authorized: "webdisk.domain.com"
CA authorized: "cpcalendars.domain.com"
CA authorized: "www.domain.com"
"cPanel (powered by Sectigo)" is authorized to issue certificates for 8 of this user"s 8 domains.
DNS manages "domain.com".
DNS manages "mail.domain.com".
DNS manages "cpanel.domain.com".
DNS manages "webdisk.domain.com".
DNS manages "webmail.domain.com".
DNS manages "cpcontacts.domain.com".
DNS manages "cpcalendars.domain.com".
DNS manages 8 of this user"s 8 domains.
10:08:34 AM Performing HTTP DCV (Domain Control Validation) on 8 domains "
-
Hello, It looks like it goes on to complete the HTTP DCV check - does this complete successfully? What is the final log output for this transaction? This doesn't show any errors related to the DNS or HTTP DCV checks. 0 -
Log for the AutoSSL run for "stratalawllc": Wednesday, February 26, 2020 12:50:37 PM GMT-0500 (cPanel (powered by Sectigo)) 12:50:37 PM AutoSSL"s configured provider is "cPanel (powered by Sectigo)". This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current [COLOR=rgb(184, 49, 47)]> "cPanel (powered by Sectigo)" is authorized to issue certificates for 8 of this user"s 8 domains. 12:50:37 PM Performing HTTP DCV (Domain Control Validation) on 8 domains " 12:50:42 PM Redirection #1 (domain.com): Ridgway Law Group, LLC | ? Ridgway Law Group, LLC | ERROR "cPanel (powered by Sectigo)" forbids DCV HTTP redirections. WARN Local HTTP DCV error (domain.com): The system failed to fetch the DCV (Domain Control Validation) file at "Ridgway Law Group, LLC | because of an error: The system failed to send an HTTP (Hypertext Transfer Protocol) "GET" request to "Ridgway Law Group, LLC | because of an error: Could not connect to 'ridgwaydomain.com:443': Connection timed out. 12:50:47 PM Redirection #1 (): Ridgway Law Group, LLC | ? Ridgway Law Group, LLC | ERROR "cPanel (powered by Sectigo)" forbids DCV HTTP redirections. [COLOR=rgb(184, 49, 47)] 0 -
The problem with the AutoSSL check is in the error: 12:50:42 PM Redirection #1 (domain.com): Ridgway Law Group, LLC | ? Ridgway Law Group, LLC | ERROR "cPanel (powered by Sectigo)" forbids DCV HTTP redirections.
You're redirecting from the domain -> another domain and Sectigo will not follow redirects.0
Please sign in to leave a comment.
Comments
3 comments