How to disable "AutoSSL certificate installed!" emails?

Benjamin D.

• September 27, 2022 06:47

(Hi, not sure I'm posting in the correct forum, please feel free to move me to another forum if necessary.) How to disable "AutoSSL certificate installed!" emails coming from WHM? Sometimes I wake up, I have 40 of those, just over night. I went in WHM > Contact Manager > Notifications and I see an alert list for "AutoSSL has installed a certificate successfully." and so I'd like to disable that, but it's the only entry in there that's completely grayed out. According to WHM it's already disabled and from what I understand I should not have any of those "AutoSSL certificate installed!" emails. See screenshot attached. What's up with that? ...And is there a way to ONLY receive an email when there is an error, such as a coverage reduction and/or when the cert issuing is delayed/failed?

• 

  HostNoc

  • September 27, 2022 12:27

  In WHM's Installation of AutoSSL certificates " AutoSSL installed an SSL certificate.

  Installation of purchased SSL certificates " The system installed SSL certificates that a user purchased through the cPanel Market.

  SSL Certificate Expiration " A service-level SSL certificate has expired.

  SSL Certificate Expires Soon " An account's SSL certificate expires soon.

  SSL certificates expiring " An account's SSL certificate expires soon. In cPanel's AutoSSL certificate expiry " An AutoSSL certificate will expire soon.

  SSL certificate expiry " A non-AutoSSL certificate will expire soon. In cPanel, under "Contact Information", you'd need to disable the AutoSSL notifications. The particular notification referenced in that screenshot is: "AutoSSL cannot renew a certificate because domains that fail validation exist on the current certificate." Regards

  0
• 

  cPRex Jurassic Moderator

  • September 27, 2022 15:02

  I believe the option you'll want is in WHM >> Manage AutoSSL under the "Options" area. I would guess both options there are set to "Notify the user for all AutoSSL events and normal successes" instead of just issues. Can you check that page?

  0
• 

  Benjamin D.

  • September 27, 2022 16:13

  This is what I'm seeing under WHM >> Manage AutoSSL under the "Options". See attached. I've noticed even though all the emails I'm getting over night are named "AutoSSL certificate installed!" I'm seeing this in each email I'm getting: There is no recorded error on the system for "mail.whatever.com". This might mean that this domain failed DCV (Domain Control Validation) when the system requested the new certificate, but the domain has since passed DCV. So perhaps WHM counts this success as a failure or something like that. I get TONS of those emails and there is absolutely nothing wrong with the current SSL coverage of any of those domains. Which option should I check so that WHM notification system shuts the F up? :) Thx

  0
• 

  cPRex Jurassic Moderator

  • September 27, 2022 16:20

  Yes, that would be a successful message. Switch to the "failures only" option and that will only tell you when things break.

  0
• 

  Benjamin D.

  • September 27, 2022 18:11

  cPRex, I've got to say that I'm impressed with your forum replies lately. You have helped me a couple times on here this year and I find it very refreshing to read replies from a cPanel staff member who actually seems to genuinely care about cPanel quality of service and customer service. You seem to be everywhere at once, you reply very quickly and you're helpful. Thanks for doing what you do, I appreciate your help. I've set it to "Notify the administrator for AutoSSL certificate request failures only." so we'll see how it goes in 3 days. BTW, is there a way for Let's Encrypt to issue SSL certs that last longer than 3 months? Before the Sectigo fiasco last year, and unless I don't recall correctly, both providers issued certs that lasted a year. I may be wrong, but I don't recall them being so short before.

  0
• 

  cPRex Jurassic Moderator

  • September 27, 2022 18:14

  Thanks for the kind words! There was some drama a couple years back about longer SSL certificates - you can read a bit about that here:

  0
• 

  Benjamin D.

  • September 27, 2022 18:30

  Yes, but the thing is that Sectigo failed to renew many of my server's certs last year. There apparently was a massive problem and many people, including me, reported it. I lost 3 customers who went elsewhere because of that. I'm now strictly using Let's Encrypt instead of Sectigo because of that horrible issue. Sectigo caused me PTSD. Remember this? UGH!

  0
• 

  cPRex Jurassic Moderator

  • September 27, 2022 18:34

  That makes sense and I get that frustration for sure. There are paid options where you could purchase a one-year certificate, but for any of the automatically installed ones, the 90-day standard isn't something that is up to cPanel:

  0
• 

  Benjamin D.

  • October 03, 2022 13:59

  Almost a week later, it seems to have fixed the issue. No more emails for now. Thanks.

  0
• 

  Benjamin D.

  • October 16, 2022 12:02

  Yeah, it's definitely fixed, thanks for the information cPRex! :) This can be closed.

  0

Please sign in to leave a comment.