Skip to main content

Comments

89 comments

  • Look
    i've been having same errors since 11hours ago. running this command /usr/local/cpanel/bin/autossl_check --user $username gives --- The provider "cPanel (powered by Sectigo)""s AutoSSL queue already contains a certificate request for "username""s website "example.com". The request"s start time is Jan 23, 2022, 4:35:01 PM UTC.
    0
  • Mr.Novo
    I've different servers. Some of them works some of them not. I don't understand. There was an emergency on my end so i bought an external certificate and fixed my problem. Today I checked again if subdomain SSLs are generated automaticly and they were.
    0
  • matt1206
    Seeing the same. Multiple servers, no common point with regards to server providers. Manually running the autossl check now has renewed 3 domains on one server that expired this morning. These have previously been renewing automatically for the last 2 years since the server was installed.
    0
  • matt1206
    Example logs: 3:28:14 AM Processing "attbot""s local DCV results " 3:28:14 AM Analyzing "attbot.org""s DCV results " 3:28:14 AM AutoSSL will request a new certificate. 3:28:14 AM The system will attempt to renew the SSL certificate for (attbot.org: attbot.org www.attbot.org mail.attbot.org). 3:28:17 AM The "cPanel (powered by Sectigo)" provider cannot currently accept incoming requests. The system will try again later. The system has completed "attbot""s AutoSSL check. 3:28:17 AM Processing "lahjalstuttu""s local DCV results "
    0
  • bellwood
    3:28:17 AM The "cPanel (powered by Sectigo)" provider cannot currently accept incoming requests. The system will try again later.

    Been seeing more and more of this error line lately, seems like Sectigo cannot keep up or is facing a lot of sporadic down time.
    0
  • cPRex Jurassic Moderator
    Been seeing more and more of this error line lately, seems like Sectigo cannot keep up or is facing a lot of sporadic down time.

    That's exactly correct - Sectigo is experiencing some issues at the moment and those have also been mentioned in this thread:
    0
  • Look
    update. it was resolved. The pending SSL request was cleared and request again the SSL. And it worked!~
    0
  • matt1206
    Any update? This is pretty poor TBH, as it's causing outages for multiple sites as their SSL certs are expiring due to them not issuing new certificates.
    0
  • Mr.Novo
    I've faced similar problem with another server today. It took about 30 minutes to issue SSL but it seems working now. What i did to fix it ? Nothing.
    0
  • matt1206
    I've faced similar problem with another server today. It took about 30 minutes to issue SSL but it seems working now. What i did to fix it ? Nothing.

    I've tried manually renewing expired certificates, and I get the same response each time about them not accepting requests currently. I've had to swap over to LetsEncrypt as some of the sites have been down for 24 hours now with expired certificates.
    0
  • matt1206
    It's also at the point where my hostname certificate is going to expire tomorrow on one of the servers, and that's not being processed either: [WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID xm95xd) The cPanel Store returned an error (X::TemporarilyUnavailable) in response to the request "POST ssl/certificate/whm-license/90-day": We were unable to process your request. Please try again later.
    0
  • Mr.Novo
    Did swapping to LetsEncrypt helped for expired domains ?
    0
  • cPRex Jurassic Moderator
    Moving to Let's Encrypt would replace expired certificates if there are no other complications. I'm still seeing the rate limiting happening but I haven't heard back from Sectigo yet.
    0
  • cEMa
    Figured I'd share my experience in hope it helps others.. On a server with around 600 domains, I was quite affected by the recent certificate issue. I was able to bypass the issue and get valid certs for the affected domains by switching to Let's Encrypt. (must be done as root) [QUOTE]
    Ref: The Let's Encrypt Plugin | cPanel & WHM Documentation
    0
  • cEMa
    Been seeing more and more of this error line lately, seems like Sectigo cannot keep up or is facing a lot of sporadic down time.

    I share the same sentiment and concerns. I'm contemplating staying with Let's Encrypt due to all the issues I've been having using the default provider.
    0
  • cPRex Jurassic Moderator
    There's nothing wrong with staying with Let's Encrypt permanently. For most users they won't notice an issue, although Let's Encrypt does have slightly lower limits that can cause issues for users that have a large number of domains or vhosts. More details on that can be found here:
    0
  • internetfab
    @cPRex : Would it be possible to add an AutoSSL provider as a backup provider if a run fails due to rate limit issues? Perhaps a feature request that can be handled rather quickly? :) Right now we can switch autossl provider with whmapi1, run for one user and then switch back again but having it done automatically would be a nice feature.
    0
  • cPRex Jurassic Moderator
    @internetfab - there was a request submitted just this week for that behavior:
    0
  • internetfab
    @internetfab - there was a request submitted just this week for that behavior:
    0
  • cPRex Jurassic Moderator
    I did speak with the team that works with Apache and AutoSSL to make them aware of that, so it has been passed along to the right people. I'm not sure I'll really have other updates to report on this, but it's always a good idea to keep an eye on the
    0
  • cPRex Jurassic Moderator
    There's a few AutoSSL threads going, but I'll post here too - Sectigo hasn't been able to resolve the issues just yet, so switching to Let's Encrypt is the best option if you're still seeing problems.
    0
  • GoWilkes
    Just adding my name to the list... I've been getting an error on the renewal the cert for my server's main domain since at least January 21 (probably longer, I was just deleting the emails). Now the cert expires on Feb 10 and it's still not being renewed. I just now changed it to LE, it will auto-run tonight and hopefully fix it. But this is a temporary solution for me, as the LE limit is too low for me. This is the 3rd or 4th time I've had this issue since SSL became a requirement, so the suggestion of being able to set a backup provider is excellent...
    0
  • cPRex Jurassic Moderator
    I liked the backup provider suggestion a lot for sure!
    0
  • Mr.Novo
    Its kinda necessary from now on. Having a default SSL provider and option to try with other provider. I now installed LE provider but i hesitate swithcing. I'm not sure if LE gonna try to replace all valid certs and make things worst. Does it try to replace valid certs once it runs AutoSSL check for all users ?
    0
  • cPRex Jurassic Moderator
    Let's Encrypt will only replace certificates that need it. There is also this option, which is not checked by default, that tells AutoSSL not to worry about certificates it did not issue:
    0
  • PPNSteve
    meanwhile the pending Sectigo queue gets bigger and bigger.
    0
  • GoWilkes
    I don't know if it's just me, but it looks like my Sectigo certs updated last night :-O
    0
  • simz8
    I am having a problem with SSL autorenewal from cPanel (powered by Sectigo). Specifically the renewal for several of my domains failed last night and are still at the pending queue. I tried clearing the queue and rerunning the request but fails again. For one of my domains i was forced to buy and install manually a wildcard certificate. I can figure out there is a known issue with cPanel (powered by Sectigo). Do you propose a solution? I am not able to pay 100euros for each domain i have just because of Sectigo. P.S. I am not able to use Let's encrypt because i have an old Cpanel / WHM version. We will update at some point but not yet. Do you propose any steps to solve the issue? Because in the following days some of the domain's certificate will also expire. Thank you in advance.
    0
  • cPRex Jurassic Moderator
    @simz8 - did they fail due to a certain issue or were you getting the "can't process this request" error? If there was an issue, our team is happy to check that out through a ticket. If it's the Sectigo processing problem, my only recommendation would be to switch to Let's Encrypt. What cPanel version are you using where that isn't an option?
    0
  • rainboy
    This message is marked as in progress, but the past months we see the following message about every few days The "cPanel (powered by Sectigo)" provider cannot currently accept incoming requests. The system will try again later. Note that we do not use or ever used Let's Encrypt; so all certificates where cPanel Sectigo certificates, and should have been replaced automatically, but where not. This happens on multiple servers, at random. Can't really put a finger on it, except that it gives that error message and clients create tickets because their website is not working. Is there any news on this issue? is this a different issue ?
    0

Please sign in to leave a comment.