Skip to main content

New certificate lacks the following domain that the previous certificate secured: mail.xxxxx.com ?

Comments

15 comments

  • cPRex Jurassic Moderator
    Hey there! Just to confirm, ensure the domain doesn't exist in the Apache configuration anywhere, as AutoSSL checks based on vhosts, not DNS entries. Another thing to check would be to confirm that the notification is coming from the live server, and not an old server where the account may have been migrated away from. It sounds silly, but it happens. If those don't get things working, we'd be happy to look at the issue directly through a ticket!
    0
  • Benjamin D.
    Could you please be kind as to elaborate for me what this means exactly: "checks based on vhosts" Is there a place in WHM I should check for that subdomain? "[...] is coming from the live server [...]" >> Of course it is. I'm dvmb, but not that dvmb haha ;-) As usual, thanks for replying to me :)
    0
  • cPRex Jurassic Moderator
    AutoSSL has to have a place to install the certificate, so it uses Apache vhosts to determine what it should be trying to issue. That's all I meant. I don't think you'll find anything in WHM ,but inside the cPanel for the particular account is where you would see all the subdomains/addon domains.
    0
  • Benjamin D.
    OK, I'm in that customer's cPanel. Before this excessively ugly cPanel rebranding, we used to have an icon for subdomains, but it's no longer there. I tried to go in DOMAINS, but all I see is the customer's domain, not any subdomain, like I don't see mail.xxxxx.com in there.
    0
  • cPRex Jurassic Moderator
    If you don't see anything in the Domains tab, then it's likely not there. I'd do a grep in their userdata for the domain that AutoSSL is complaining about, just to be sure it doesn't exist: grep -Ri domain-to-look-for.com /var/cpanel/userdata/username
    0
  • Benjamin D.
    OK thanks, the grep command shows: /var/cpanel/userdata/xxxxx/xxxxx.com:serveralias: mail.xxxxx.com www.xxxxx.com How can I remove that?
    0
  • cPRex Jurassic Moderator
    Before we start deleting things, do you not see those records in the DNS zone for the server?
    0
  • Benjamin D.
    Absolutely not.
    0
  • cPRex Jurassic Moderator
    Interesting. So there's two ways we can approach this: -fix the record so it does exist, by just adding it to the DNS zone. This would also be controlled for newly-created zones in WHM >> Tweak Settings with the "Service Domains" toggle option. OR -manually delete the userdata entry. To manually delete that entry, do the following: -create a backup of the userdata file just in case. -remove any unwanted entries in the "serveralias" line - if that means the only thing left is just "serveralias:" that is fine, but it still needs to be present even if it's empty. -save the file -run the following commands /scripts/updateuserdatacache /scripts/updateuserdomains /scripts/restartsrv_cpsrvd
    That *should* be enough to get that removed in a way that cPanel understands. If that doesn't get things working for you, it's ticket time!
    0
  • Benjamin D.
    They do NOT have mail with us and we don't need mail.xxxxx.com so I would prefer if we could follow what they have in their DNS Zone Manager, meaning no mail.xxxxx.com
    0
  • cPRex Jurassic Moderator
    That makes sense!
    0
  • Benjamin D.
    OK so do I need to remove it also from the .cache files? And what about the .com_SSL files? Do I need to remove it from there too?
    0
  • cPRex Jurassic Moderator
    The .cache files will get updated with my command, but it's safe to move those out of the way. Yes, if there are _SSL files present also, do those too.
    0
  • Benjamin D.
    OK I've manually vi'ed all 4 files in userdata and I've run the 3 commands. Then in Manage SSL Hosts, they were still there, so I deleted the host. Then I ran Auto SSL to regenerate the cert. Believe it or not, they're still showing under Manage SSL Hosts! Though, the annoying email is gone so I'll take that as a satisfactory "solution". Weird. Thanks for all your help, you may close this now :)
    0
  • cPRex Jurassic Moderator
    I'm glad that helped! I wish we had more "why" about how things get out of sync, but short of some epic forensic analysis I don't think we always get those types of answers. I'll mark this one as solved for you too!
    0

Please sign in to leave a comment.