Skip to main content

How to install the SSL certificate for all subdomains?

Comments

19 comments

  • kodeslogic
    Currently, the SSL you have on sandbox.patamar.app.br is self-signed certificate and not certificate authority (CA) issued for which the browser won't show a secure green padlock. You can uninstall the current self-signed certificate and reinstall the SSL from AutoSSL option in WHM WHM > SSL-TLS > Manage AutoSSL
    [QUOTE]
    0
  • leobibiano
    Currently, the SSL you have on sandbox.patamar.app.br is self-signed certificate and not certificate authority (CA) issued for which the browser won't show a secure green padlock. You can uninstall the current self-signed certificate and reinstall the SSL from AutoSSL option in WHM WHM > SSL-TLS > Manage AutoSSL

    Thanks for the answer. I performed the procedure as instructed, now it appears that it was issued by cPanel but still the message "Not secure". (Attached image)
    0
  • kodeslogic
    From what I see AutoSSL is yet not installed for sub-domain sandbox.
    0
  • leobibiano
    From what I see AutoSSL is yet not installed for sub-domain sandbox.patamar.app.br

    I'll tell you what procedures I did: In cPanel, I entered Manage SSL Hosts, clicked on Unistall in the line where there was a certificate installed for sandbox. Then, the line that included the installation of this subdomain disappeared. Then I accessed WHM -> SSL / TLS -> Manage AutoSSL and clicked on Run AutoSSL For All Users. The message "AutoSSL is now checking all users. The process has ID 19138." That's what I did. Is correct?
    0
  • kodeslogic
    Yes, that is correct. If there are many accounts then process ID 19138 may take some time, wait till it completes. Just running AutoSSL for "patamar" only would be quicker.
    0
  • leobibiano
    Yes, that is correct. If there are many accounts then process ID 19138 may take some time, wait till it completes. Just running AutoSSL for "patamar" only would be quicker.

    I only have this account with this primary domain. I checked the list of ongoing processes, ID 19138 is not there, I believe it has already been finalized. Is there anything else that can be done?
    0
  • kodeslogic
    Please share AutoSSL logs for analysis.
    0
  • leobibiano
    Please share AutoSSL logs for analysis.

    ***Moderator note: I've removed the log entries with the domain name but the primary error is the following: WARN Sectigo HTTP DCV verification failure (www.ss.subdomain.tl.d): (XID zyrkx3) The system failed to set the permissions on "/home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation" to "0755" (as EUID: 1002, EGID: 1004 1004) because of the following error: Operation not permitted
    0
  • kodeslogic
    Please review the ownership values configured on the /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
    directory to ensure they are owned by the account user and share output for the below command: lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
    0
  • cPanelLauren
    @kodeslogic has the right of it, this isn't a DCV failure it looks like an ownership issue or an inability to modify the file within that directory.
    0
  • leobibiano
    Please review the ownership values configured on the /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
    directory to ensure they are owned by the account user and share output for the below command: lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation

    I tried to run the suggested code, but I received the following error: lsattr: Permission denied while trying to stat /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
    I ran it through the root user. I should have permission for everything, right?
    0
  • kodeslogic
    Yes, As a root user you should have all permission. You can contact a certified
    0
  • leobibiano
    Yes, As a root user you should have all permission. You can contact a certified

    I think I managed to execute it by inserting the command "sudo" before the main one. He returned to me like this: ---------------- /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
    What do I do now? Do I try to run AutoSSL again?
    0
  • kodeslogic
    Execute below two commands in the given sequence cd /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/ find . -type d -exec chmod 755 {} \;
    After this again check output it should as below lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation drwxr-xr-x /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
    FYI: Use sudo if required.
    0
  • leobibiano
    Execute below two commands in the given sequence cd /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/ find . -type d -exec chmod 755 {} \;
    After this again check output it should as below lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation drwxr-xr-x /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation
    FYI: Use sudo if required.

    I executed the commands as you instructed me. Below are the returns: [centos@ip-172-31-22-177 patamar-adm]$ find . -type d -exec chmod 755 {} \; [centos@ip-172-31-22-177 patamar-adm]$ lsattr -d /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation ---------------- /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation [centos@ip-172-31-22-177 patamar-adm]$ drwxr-xr-x /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/.well-known/pki-validation -bash: drwxr-xr-x: command not found [centos@ip-172-31-22-177 patamar-adm]$
    0
  • kodeslogic
    Try cd /home/patamarapp/public_html/sistema_imobiliario/patamar-adm/ sudo chmod -R 755 .well-known
    0
  • leobibiano
    I think I solved it. I removed the pki-validation folder and started AutoSSL. Apparently he created a new one, without permission problems. I looked in my cPanel, all subdomains are valid AutoSSL now. However, accessing through the browser still counts as "Not secure". Is it necessary to wait a while to be propagated?
    0
  • kodeslogic
    Happy to hear finally SSL is installed :) [QUOTE]
    0
  • leobibiano
    Thank you all for your efforts to help me.
    0

Please sign in to leave a comment.