"The cPanel (powered by Sectigo) provider cannot currently accept incoming requests."
Apparently this was an issue a couple of years ago, anyone know why it might be happening again? Thanks.
-Michael
-
It"s really not hard, and doesn"t take long either, I don"t see what your problem is except for arguing for the sake of arguing" 0 -
It"s really not hard, and doesn"t take long either, I don"t see what your problem is except for arguing for the sake of arguing"
The problem? AutoSSL. We have a few thousand clients and are hosting more than 10.000 websites. The past few weeks, our support queue has been filled with "Why is my SSL certificate expired"-kind of questions. Also, I don't know what kind of luck you guys are having since you're able to get a certificate within 5 tries. On average, I think we're clicking "Run AutoSSL" 10 times, and sometimes we're really unlucky. Today, I've spent more than 45 minutes trying to get a single certificate renewed. All but the last failed with "The "cPanel (powered by Sectigo)" provider cannot currently accept incoming requests. The system will try again later." This is a rather big issue. Basically everyone expects that their host is able to provide a free SSL certificate today. I don't know why cPanel hasn't decided to make a public statement about these issues. All I'm seeing is staff replying to the tens of threads that have been made, and are still being made. This has been going on for months and the issue only seems to be bigger. We get more and more tickets about the issue.0 -
We too are facing the same issue at the moment ( cPanel (powered by Sectigo)" provider cannot currently accept incoming requests. The system will try again later. ). I thought this was already resolved, but I was wrong. 0 -
It"s really not hard, and doesn"t take long either, I don"t see what your problem is except for arguing for the sake of arguing"
Man.. you are just arguing because you like it. Because for you specific small case is not a problem. If you have 1 server with some clients, and you have free time everyday, that's awesome for you. Most will have few dozens or hundreds of servers, and no free time.0 -
Interesting.... why would one have to be persistent if the process was working automatically? As you stated... you have to manually try again 4 or 5 times.... that is not auto. My experience has been similar... I have to retrigger the renewal a few times manually. However, until this started to happen repeatedly... I was not even aware that it was the problem or that there was even a suggestion on how to mitigate for now.
Automatic = x number of attempts per day (I think once?) to get a cert. Manual = attempting to get a cert as many times per day you want to try, increasing the likelihood of hitting the system when it's not overloaded with requests.I had to wait for clients to tell me their sites were having SSL issues.
Do you not get emails when the process fails? -Michael0 -
Automatic = x number of attempts per day (I think once?) to get a cert. Manual = attempting to get a cert as many times per day you want to try, increasing the likelihood of hitting the system when it's not overloaded with requests. Do you not get emails when the process fails? -Michael
Hi Michael... Good question... I appreciate you pointing that out, actually. I'm looking at the notifications, though, and I am not seeing a notice that would apply to this issue. There ARE notices for Expiring Soon, for Certificate Expiration (all after the fact)... ...ahhhh... "cPanel service SSL certificate warnings... This option indicates that a waning was generated..." So yes, that would at least let me know there is an issue while it is trying to replace... and then I can go and do the retrys. It doesn't prevent the problem, but it would let me know, hopefully before the customer does. Hey, I'm all for doing what it takes to fix first... and yes, the repeated "trys" do seem to work. Again though, my suggestion is simply that I feel there should be communication from Sectigo and cPanel when something like this comes up. I should be hearing from them... not my customers. For what it's worth... the issue appears to be dying down.0 -
We're experiencing the same issues: [QUOTE]The "cPanel (powered by Sectigo)" provider cannot currently accept incoming requests. The system will try again later. 0 -
We are also experiencing the same. This need to work, I don't want to babysit SSL certs. 0 -
Mine was also hanging today saying requests could not be received by Sectigo at eh moment. After running yum-complete-transaction all my certs were suddenly issued. Coincidence may be but probably not. 0 -
Same problem here, having the same issue in multiple servers for weeks which is creating a customer support nightmare and the need to move to lets encrypt 0 -
Same problem here, this is terrible ! 0 -
Licenses become more expensive but the services are getting worse :( 0 -
I did check things on my end and I'm not seeing Sectigo reporting any issues, although that doesn't mean there aren't any. I would strongly recommend that everyone switch to Let's Encrypt to ensure they receive the certificates as expected. 0 -
Interestingly, after raising a ticket directly with Sectigo due to multiple servers receiving ongoing, random rejections of... [quote] The "cPanel (powered by Sectigo)" provider cannot currently accept incoming requests.
...we received the brief reply of... [quote] Greetings from Sectigo! We do not have limits on API calls sent per second/minute. The error on the cPanel server when issuing SSL entirely depends on cPanel. Hence, please contact cPanel support for better assistance. Regards, Ricky - Technical Support USA: +1 (888) 266-6361 International: +1 (914) SECTIGO (732-8446)
Upon replying within a few minutes to Sectigo to invite them to add their direct input to this thread, we received... [quote] Please be advised that case: 02474193 The "cPanel (powered by Sectigo)" provider cannot currently accept incoming requests. The system will try again later. has already been closed.
Most helpful. Best regards, LBJ0 -
Looking back at my own AutoSSL logs, I've been encountering this issue since 16th September. As more certificates are expiring, the error is becoming more frequent - I'm seeing it on 6 different domains as of this morning, 2 of which have already expired so getting "Insecure" errors. 0 -
@LBJ - switch to Let's Encrypt and just remove Sectigo from the equation completely. 0 -
@LBJ - switch to Let's Encrypt and just remove Sectigo from the equation completely.
Unfortunately, Let's Encrypt have their own issues in a few edge cases. We provide every client with a permanent secondary server access method via a subdomain on a reserved domain of our own. Clients can use that method of access prior to redelegation and in various emergency situations such as where their domains are expired etc. Over all our servers, that results in thousands of certificates required which include the same root domain name. Let's Encrypt limit requests to 50 per single domain per week as per...
I had to pull that code out of our global management system and modify it to be standalone for the example here, but it tested out correctly and should be fine. That simply runs a full autossl check process and then repeatedly reprocesses any individual users failing with the dreaded busy message. We also have a separate version which takes a user name as a parameter and then processes only for that single user. The code needs to run when no other autossl check routine is being run since its logic simply assumes the last log file found is its own. In other words, don't run it while /etc/cron.d/cpanel_autossl is running, or while another admin is trying to update a certificate via WHM or shell. We also run a related watchdog to kill the parent process if it runs for over 60 minutes, but that's never happened so far. It's usually successful on every server within just a few minutes of the retry processes after the initial full check run. If you only have a few servers, just run it from shell on each and then you can watch it process to completion. Use a kill on the parent process to end it if you need to. Best regards, LBJ0 -
Thanks for the script @LBJ I was able to fix my issue by manually running just the autossl script at a random time to get past the error: /usr/local/cpanel/bin/autossl_check --user={username}
Ran the command once and it fixed the issue for the accounts I was having issues with.0 -
@LBJ - switch to Let's Encrypt and just remove Sectigo from the equation completely.
Not completely, apart from the rate-limits imposed by Let's encrypt, the LE plugin doesn't generate certificates for hostnames, only the Sectigo plugin does it. So, when hostname certificates expire we will not have certificates for the hostnames and will be unable to get them automatically0 -
@elmister - the hostname certificates will still be processed by Sectigo, even if you have switched to Let's Encrypt for your user certificates. 0 -
:mad::mad: Why isn't this resolved, endless comments but no solution, anyone working here? 0 -
Interestingly, after raising a ticket directly with Sectigo due to multiple servers receiving ongoing, random rejections of... ...we received the brief reply of... Upon replying within a few minutes to Sectigo to invite them to add their direct input to this thread, we received... Most helpful. Best regards, LBJ
So if the above is correct Cpanel is the one who needs to get things done, cPanel wake up and DO something for your expensive license customers.0 -
@Jheroen - we do plan to make some changes to this system in the near future, but I'm not able to share what those are just yet. I promise we're working on this though! 0 -
@Jheroen - we do plan to make some changes to this system in the near future, but I'm not able to share what those are just yet. I promise we're working on this though!
@cPRex i hope so, this situation is not from the last week, these problems are known for a long time already0 -
It just started to affect my servers now. Hope there is a fix soon. 0 -
@Secmas - if this is for domains and the server and not the hostname certificate, switch to the Let's Encrypt provider. 0 -
Why hasnt cPanel fixed this - I have clients waiting 2+ days for SSL's - this is ridiculous. 0 -
Why hasnt cPanel fixed this - I have clients waiting 2+ days for SSL's - this is ridiculous.
That's atypical of our experience with the current issue. We run a fleet of servers, and we've never waited more than a few minutes for a certificate request to be accepted with scripted retries. This morning we had a few servers with "cannot currently accept incoming requests" errors, and all were sorted within 40 seconds of scripted retries. For reissue situations of existing certificates, you should always see the errors in your logs well before the certificates actually expire. For new accounts where the requests show a rejection in the logs, running a scripted retry until the request is accepted has always been successful for us. It's definitely a major fault which should be sorted out, but with suitable mitigation, there's no reason for clients to suffer certificate outages. Alternatively, so long as your operation fits within the rate-limits imposed by Let's Encrypt, just switch to their service for the interim at least. Regards, LBJ0 -
I was able to get a clients domain into the queue - and it has sat there for over 2 days. I have killed the queue and am now trying to run and rerun autoSSL to get them back into the queue.. The clients account is brand new, so there is no SSL installed and its a tad unacceptable they need to wait all this time for it to be provisioned. Given the length of time this thread has run its obvious cPanel need to sort something out. Any chance you can enlighten me as to this script I can run that will retry getting a users domain into the queue? 0
Please sign in to leave a comment.
Comments
231 comments