Keeping this short and sweet, Lets encrypt over cPanel Sectigo ALL DAY

Steini Petur

• April 18, 2022 01:41

Hey guys, As a server administrator, you really want to be dealing with the real issues not an SSL installation issue. You also don't want your support team to be dealing with this on a regular basis, here is where it is 1:29:33 PM Processing "xxx""s local DCV results " 1:29:33 PM Analyzing "xxx.com""s DCV results " 1:29:33 PM AutoSSL will request a new certificate. 1:29:33 PM The system will attempt to renew the SSL certificate for (xxx.com: xxx.com If it's not Gateway issue, Currently not accepting or other issues at Sectigo, its just something else, and then clients SSL doesn't properly install and he ends up contacting support and placing the blame, so here is to everyone using cPanel Processing "xxx""s local DCV results " 1:31:20 PM Local DNS DCV OK: *.xxx.com (via xxx.com) Analyzing "xxx.com""s DCV results " 1:31:20 PM Trying 1 wildcard domain (*.xxx.com) to maximize coverage " 1:31:23 PM SUCCESS "Let"s Encrypt"" HTTP DCV OK: xxx.com 1:31:25 PM SUCCESS "Let"s Encrypt"" DNS DCV OK: *.xxx.com AutoSSL will request a new certificate. 1:31:25 PM The system will attempt to renew the SSL certificate for (xxx.com: xxx.com *.xxx.com). Certificate #1: "*.xxx.com" and "xxx.com" Reusing certificate order from DCV (Domain Control Validation) " 1:31:27 PM Installing "xxx.com""s new certificate " 1:31:28 PM SUCCESS Success! 1:31:28 PM The system has completed "xxx""s AutoSSL check. Just stick with Lets Encrypt plugin, it rarely fails, at least not nearly as often as the Sectigo does, few months ago I had issues and again it was Sectigo, resolved by Lets encrypt, I don't want to be dealing with this issue, why Sectigo can't be a bit more stable option, cPanel something you might consider worthy look into, perhaps a better provider to represent cPanel Free SSL, or at least fix the sectigo ongoing issues. Until then we're ensuring all our servers run on Lets encrypt. If I was only getting this once in a while I'd not be creating this post, it's just too many errors with Sectigo. #1

• 

  CBAWS

  • April 27, 2022 15:34

  This is the second time it happened on an important production site. Logs from the last few days up until the day of expiration shows the same error (cannot accept incoming requests). After the cert expired I frantically do a manual check on the domain and it installs. It's almost like Sectigo/cPanel blocks requests that looks like spam (e.g. 50 domain/subdomain requests) but single request goes through.

  0
• 

  Metro2

  • April 27, 2022 18:49

  This is the second time it happened on an important production site. Logs from the last few days up until the day of expiration shows the same error (cannot accept incoming requests). After the cert expired I frantically do a manual check on the domain and it installs. It's almost like Sectigo/cPanel blocks requests that looks like spam (e.g. 50 domain/subdomain requests) but single request goes through.

  
  This keeps getting more strange. In my case I had only ONE single new subdomain to add a couple days ago, no other new domains, and I got the "cannot accept incoming requests" issue, and none of my usual tricks worked. (Sectigo and cPanel IPs whitelisted, restarted PDNS, restarted Apache, ran AutoSSL from cPanel, from WHM, and check certs from SSH etc...) and it just would not budge. After a few hours I finally told the customer I was doing the subdomain setup for their new site "sorry, technical difficulties" and called it a night. Finally about 8 hours later it finally resolved. So, it can happen even with just one single domain or subdomain. Starting to seem like no rhyme or reason sometimes.

  0

Please sign in to leave a comment.