DNS Only SSL issue

MichaelGMorgan

• September 22, 2022 12:25

I've deployed 2 fresh cPanel DNS Only boxes, let's call them ns1.mydomain.com and ns2.mydomain.com I've followed the same process on both. On ns2.mydomain.com the SSL is auto installed and is working nicely. In "Manage Service SSL Certificates" in the "Certificate Properties" column it lists ns2.mydomain.com along with several subdomains of this, and x-x-x-x.cprapid.com On ns1.mydomain.com, the SSL is not working. In the same area as above the "Certificate Properties" column just has "ns1.mydomain.com" and nothing else. I've tried running "/usr/local/cpanel/bin/checkallsslcerts" but this does nothing. If I click the "Browse Certificates" button several self-signed certificates show up. The only cPanel Inc certificate is for the xx-xx-xx-xx.cprapid.com with no mention of ns1.mydomain.com I've checked the servers hostname both in cPanel and via CLI and it's correct. I've also rebooted the server a couple of times. Thanks

• 

  cPRex Jurassic Moderator

  • September 22, 2022 18:01

  Hey hey! Does the checkallsslcerts command show any errors or give any other useful output?

  0
• 

  MichaelGMorgan

  • September 23, 2022 12:31

  No errors... here's the output... [QUOTE]The system will check for the certificate for the "cpanel" service. The system will attempt to verify that the certificate for the "cpanel" service is still valid using OCSP (Online Certificate Status Protocol). The certificate for the "cpanel" service passed all checks. The system will check for the certificate for the "exim" service. The system will attempt to verify that the certificate for the "exim" service is still valid using OCSP (Online Certificate Status Protocol). The certificate for the "exim" service passed all checks.
  

  0
• 

  cPRex Jurassic Moderator

  • September 23, 2022 14:14

  That's interesting - it looks to me, and this is a guess without seeing the server, that the hostname is not configured properly somewhere to use the ns1.domain.com name, so it is just scanning the SSL with the cprapid hostname. Could you open a ticket with our team so we can investigate this?

  0
• 

  ejsolutions

  • September 24, 2022 11:08

  On this subject.. The checkallsslcert could do with a test for DNSOnly and not check for irrelevant subdomains/services, such as calendars/www/cpanel. Just a thought.

  0
• 

  cPRex Jurassic Moderator

  • September 26, 2022 13:05

  The tool will check any domains that are setup on the server. If the domains don't exist, I don't think it checks them - as in, I don't believe we add in the other subdomains by default unless they have been created somewhere.

  0

Please sign in to leave a comment.