Skip to main content

AutoSSL Exclusion via API issue

Comments

10 comments

  • jhawkins003
    Ok so I fixed our problem. Kindof! I misunderstood how that API call worked. It apparently operates in lieu of the account user, not root - hence we just had to make sure all user accounts had 'SSL Host Installer' active in their feature package. That said, the script still appears to not quite fire as documented? Now getting: --- apiversion: 3 func: add_autossl_excluded_domains module: SSL result: data: ~ errors: - The "domains" argument cannot be empty. messages: ~ metadata: {} status: 0 warnings: ~ ---
    0
  • cPRex Jurassic Moderator
    Hey there! I'm not seeing any issues when I run the looped command as the root user: # SUBDOMAIN=mail;find /var/cpanel/users -type f | cut -d"/" -f5 | while read USERNAME;do LIST=`uapi --user=$USERNAME WebVhosts list_ssl_capable_domains | grep -Ei "domain:" | awk '{print $2}' | grep -Ei "^$SUBDOMAIN" | sed -z 's/\n/,/g;s/,$/\n/'` && uapi --user=$USERNAME SSL add_autossl_excluded_domains domains=$LIST ;done --- apiversion: 3 func: add_autossl_excluded_domains module: SSL result: data: ~ errors: ~ messages: ~ metadata: {} status: 1 warnings: ~ --- apiversion: 3 func: add_autossl_excluded_domains module: SSL result: data: ~ errors: ~ messages: ~ metadata: {} status: 1 warnings: ~
    Can you let me know the exact call you're using that is causing the error?
    0
  • jhawkins003
    Can you let me know the exact call you're using that is causing the error?

    Sure! Its precisely the same call; run as root: # SUBDOMAIN=mail;find /var/cpanel/users -type f | cut -d"/" -f5 | while read USERNAME;do LIST=`uapi --user=$USERNAME WebVhosts list_ssl_capable_domains | grep -Ei "domain:" | awk '{print $2}' | grep -Ei "^$SUBDOMAIN" | sed -z 's/\n/,/g;s/,$/\n/'` && uapi --user=$USERNAME SSL add_autossl_excluded_domains domains=$LIST ;done --- apiversion: 3 func: add_autossl_excluded_domains module: SSL result: data: ~ errors: - The "domains" argument cannot be empty. messages: ~ metadata: {} status: 0 warnings: ~ --- apiversion: 3 func: add_autossl_excluded_domains module: SSL result: data: ~ errors: - The "domains" argument cannot be empty. messages: ~ metadata: {} status: 0 warnings: ~ --- ... etc ...
    Is there a chance there is another Feature Manager (or other) dependency we are not aware of?
    0
  • cPRex Jurassic Moderator
    Interesting - I'm not finding any prerequisites for that API call when I test on my end. I wonder if one of your domains has an issue with userdata, and it hits that error as it works through the loop. If you run it on just one domain as a test, does that work?
    0
  • jhawkins003
    Ok when running the command as a one-off I get the following (username/domain subbed out): # uapi --output=jsonpretty --user=USERNAME SSL add_autossl_excluded_domains domains=mail.DOMAIN { "apiversion" : 3, "func" : "add_autossl_excluded_domains", "module" : "SSL", "result" : { "warnings" : null, "status" : 0, "data" : null, "errors" : [ "The request failed. (Error ID: e9zzzs) Ask your hosting provider to research this error in cPanel & WHM"s main error log." ], "messages" : null, "metadata" : {} } }
    When going to the error log I see this Cpanel::Exception::DomainOwnership/(XID e9zzzs) You do not own the following domain
    I can verify via WHM that A) the domain exists and B) it is owned by that user. Furthermore testing multiple domains with various users fails the same way. Also as a reminder - this function does not work on another cPanel server we operate either. Strange!
    0
  • cPRex Jurassic Moderator
    That's definitely odd - could you create a ticket so we can take a look?
    0
  • jhawkins003
    That's definitely odd - could you create a ticket so we can take a look?

    I knew that was coming. :-D Thanks for the assist and Ill report back!
    0
  • cPRex Jurassic Moderator
    Yeah, I know - only so much guessing I can do on my end - let us know!
    0
  • jhawkins003
    Found the issue! Didnt even have to open a ticket in the end. I completely forgot we implemented a script some time ago that pruned .mail entries from /var/cpanel/userdata entries to try to resolve this issue and that seems to have led to the issue with the API call.
    0
  • cPRex Jurassic Moderator
    Nice!
    0

Please sign in to leave a comment.