TLS Status: Defective

Ben Taylor

• October 25, 2022 05:25

How do you solve this? I have a subdoamin that has the same error. Check all users does not work. every time it way DEFECTIVE. From the sounds of this thread it appears to not be a problem, but I cannot open the subdomain.

• 

  cPRex Jurassic Moderator

  • October 25, 2022 14:57

  Hey there! Can you post the specific error you're seeing? Just make sure to remove the domain name from your output for security.

  0
• 

  Lolfust

  • November 02, 2022 23:03

  How do you solve this? I have a subdoamin that has the same error. Check all users does not work. every time it way DEFECTIVE. From the sounds of this thread it appears to not be a problem, but I cannot open the subdomain.

  
  if your using sectigo in autossl and there is no SSL cert for the domain i have noticed it always will say "defective" but will create a cert. maybe you could attach a full log?

  0
• 

  360webfirm

  • December 19, 2023 14:36

  Can someone help me I have no idea why this is happening as I had this domain installed via add on domain on same server different c panel account. Now I created a new account as primary domain and I have been trying for hours to get this to work.

   

  Log for the AutoSSL run for “xxx”: Tuesday, December 19, 2023 9:18:15 AM GMT-0500 (Sectigo)

   9:18:15 AM AutoSSL’s configured provider is “Sectigo”.

   This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log.

   Analyzing “xxx”’s domains …

   9:18:15 AM Analyzing “xxx” (website) …

   9:18:15 AM ERROR TLS Status: Defective

   ERROR Defect: NO_SSL: No SSL certificate is installed.

   9:18:15 AM Attempting to ensure the existence of necessary CAA records …

   9:18:15 AM No CAA records were created.

   9:18:15 AM Verifying 8 domains’ management status …

   Verifying “Sectigo”’s authorization on 8 domains via DNS CAA records …

   9:18:15 AM “webdisk.xxx” is managed.

   “cpcontacts.xxx” is managed.

   “cpcalendars.xxx” is managed.

   CA authorized: “xxx”

   CA authorized: “www.xxx”

   CA authorized: “mail.xxx”

   CA authorized: “cpanel.xxx”

   CA authorized: “webdisk.xxx”

   CA authorized: “webmail.xxx”

   CA authorized: “cpcontacts.xxx”

   CA authorized: “cpcalendars.xxx”

   “Sectigo” is authorized to issue certificates for 8 of this user’s 8 domains.

   “mail.xxx” is managed.

   “www.xxx” is managed.

   “webmail.xxx” is managed.

   “cpanel.xxx” is managed.

   “xxx” is managed.

   All of this user’s 8 domains are managed.

   9:18:15 AM Performing HTTP DCV (Domain Control Validation) on 8 domains …

   9:18:15 AM Local HTTP DCV OK: xxx

   Local HTTP DCV OK: www.xxx

   Local HTTP DCV OK: mail.xxx

   Local HTTP DCV OK: cpanel.xxx

   Local HTTP DCV OK: webdisk.xxx

   Local HTTP DCV OK: webmail.xxx

   Local HTTP DCV OK: cpcontacts.xxx

   Local HTTP DCV OK: cpcalendars.xxx

   9:18:15 AM No local DNS DCV is necessary.

   9:18:15 AM Processing “xxx”’s local DCV results …

   9:18:15 AM Analyzing “xxx”’s DCV results …

   9:18:16 AM SUCCESS “Sectigo” HTTP DCV OK: xxx

   SUCCESS “Sectigo” HTTP DCV OK: www.xxx

   SUCCESS “Sectigo” HTTP DCV OK: mail.xxx

   SUCCESS “Sectigo” HTTP DCV OK: webmail.xxx

   SUCCESS “Sectigo” HTTP DCV OK: cpanel.xxx

   SUCCESS “Sectigo” HTTP DCV OK: webdisk.xxx

   SUCCESS “Sectigo” HTTP DCV OK: cpcontacts.xxx

   SUCCESS “Sectigo” HTTP DCV OK: cpcalendars.xxx

   AutoSSL will request a new certificate.

   9:18:16 AM The system will attempt to renew the SSL certificate for (xxx: xxx www.xxx mail.xxx webmail.xxx cpanel.xxx webdisk.xxx cpcontacts.xxx cpcalendars.xxx).

   The “Sectigo” provider’s AutoSSL queue already contains a certificate request for “xxx”’s website “xxx”. The request’s start time is Dec 19, 2023, 11:15:09 AM UTC, and its last poll time is Dec 19, 2023, 2:15:02 PM UTC.

   The system has completed “xxx”’s AutoSSL check.

  0
• 

  cPRex Jurassic Moderator

  • December 19, 2023 15:00

  360webfirm - I would switch to Let's Encrypt.  That output indicates there is nothing wrong, but Sectigo is just being slow to issue the certificate.

  0
• 

  360webfirm

  • December 19, 2023 16:24

  what about the rest of the websites on that server? They are set to use Sectigo, if I switch providers, will all of the rest of the cpanel accounts need to switch over all togther to lets Encrypt?

  0
• 

  360webfirm

  • December 19, 2023 16:26

  I just dont want to run into a scenario where some of my websites dont get a SSL.  Does it matter if I switch now and will the other sites get the SSL ceret when they renew under lets encrypt?

  0
• 

  cPRex Jurassic Moderator

  • December 19, 2023 16:26

  All the current certificates will stay in place until they expire.  When they come up for renewal, they'll just renew under Let's Encrypt.  It's a seamless transition.

  0
• 

  360webfirm

  • December 19, 2023 16:30

  Thanks as always cPRex. Anything else I need to do besides just choosing Let’s Encrypt and then running for that one domain?

  0
• 

  cPRex Jurassic Moderator

  • December 19, 2023 16:31

  Nope - it really should be just that easy!

  0

Please sign in to leave a comment.