Endless issues with AutoSSL
Hi there. Hoping someone can help me here. For the past few months, I have been encountering endless issues with my AutoSSL. Usually its one of three errors either one after another or a combination. I'm using a test website as an example as I am yet unable to install an SSL certificate via Sectigo AutoSSL:
1. ERROR "www.domain.com" is unmanaged. Verify registration and authoritative nameserver configuration for this domain or "domain.com" to correct this problem.
2. WARN Local HTTP DCV error (www.domain.com" does not resolve to any IP addresses on the internet.
3. The "cPanel (powered by Sectigo)" provider cannot currently accept incoming requests. The system will try again later.
1. This domain is managed and resolves to an IP address
2. Why can't cPanel provider accept incoming requests? Restarting Apache and DNS servers seem to help with this but is there a rate limiter? I've tried installing the SSL about 20 times now.
3. I've tried disabling the CSF firewall, CPHulk and server-side firewall, no changes.
I'm on LAMP stack, PHP 7.4, CSF, NGINX mod, Cloudflare to host DNS.
What am I missing here?
-
Hey there! I edited your post to remove the public URL for security reasons, but I also dont see any external problems with the DNS for that domain. However, it seems like there is some type of local issue that is keeping the DNS from being properly detected. Can you run this command to see if that provides you with the correct nameservers for the domain? /usr/local/cpanel/3rdparty/bin/perl -MCpanel::DnsRoots -MData::Dumper -e 'print Dumper(Cpanel::DnsRoots->new()->get_nameservers_for_domain("domain.com"));'
Just replace "domain.com" with your actual domain name there. If this is working properly as you have described, I believe this will show the Cloudflare nameservers. If that works well, try this command from your server to confirm you can connect to the root nameservers:for i in {a..m}; do echo -n "$i: "; dig +short $i.root-servers.net @$i.root-servers.net; done
That will just show a list of IPs in the output, one for each root nameserver. If both of those work well and return the expected results, please submit a ticket to our team so we can do some more investigating on our end.0 -
Thanks for your insight. Both commands check out. I've submitted a ticket to escalate this matter. Ticket #94491792. Can you assist me there further? 0 -
Thanks for doing that. I won't be the one assisting you through the ticket but I will be following along so I can see the resolution and post it here. 0 -
@nickatsados your issue solved? or still having a problem. Pasting solution here can help others. 0 -
@timkah - we recommended this user switch to Let's Encrypt to avoid the rate limits that Sectigo has in place. 0 -
Oh I see, lately people having problem due to Sectigo limits. 0
Please sign in to leave a comment.
Comments
6 comments