AutoSSL "domain.tld" is unmanaged
Hello, I recently did a clean install of Cloudlinux 8. I was running Cloudlinux 7 before. I did a fresh install of cPanel and everything. Autossl was working without error previously. Now everytime I try to run AutoSSL for my domains, I get no luck and get domain.tld is unmanaged errors.
Here is the AutoSSL log:
6:07:53 PM AutoSSL"s configured provider is "Let"s Encrypt"".
Cached Let"s Encrypt DCV (Domain Control Validation) values: 0
Looking for potential NAT (Network Address Translation) problems "
6:07:53 PM SUCCESS 0.0.0.0 (1.1.1.1): OK
6:07:53 PM Analyzing 1 user "
6:07:53 PM Analyzing "domain""s domains "
6:07:53 PM Analyzing "domain.tld" (website) "
6:07:53 PM ERROR TLS Status: Defective
Certificate expiry: 9/20/24, 12:45 AM UTC (363.07 days from now)
ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL"s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).
6:07:53 PM Attempting to ensure the existence of necessary CAA records "
6:07:53 PM No CAA records were created.
6:07:53 PM Verifying 10 domains" management status "
Verifying "Let"s Encrypt"s authorization on 10 domains via DNS CAA records "
6:08:23 PM WARN DNS query error (domain.tld/NS): (XID mj97tu) DNS request timeout: domain.tld/NS
6:08:23 PM ERROR "domain.tld" is unmanaged. Verify this domain"s registration and authoritative nameserver configuration to correct this problem.
6:08:23 PM WARN DNS query error (www.domain.tld/NS
WARN DNS query error (domain.tld/NS): (XID btdenw) DNS request timeout: domain.tld/NS
6:08:23 PM ERROR "www.domain.tld" is unmanaged. Verify registration and authoritative nameserver configuration for this domain or "domain.tld" to correct this problem.
6:08:23 PM WARN DNS query error (mail.domain.tld/NS): (XID ayr4mm) DNS request timeout: mail.domain.tld/NS
WARN DNS query error (domain.tld/NS): (XID dgcs2v) DNS request timeout: domain.tld/NS
6:08:23 PM ERROR "mail.domain.tld" is unmanaged. Verify registration and authoritative nameserver configuration for this domain or "domain.tld" to correct this problem.
6:08:23 PM WARN DNS query error (cpanel.domain.tld/NS): (XID w9bazc) DNS request timeout: cpanel.domain.tld/NS
WARN DNS query error (domain.tld/NS): (XID gk7e93) DNS request timeout: domain.tld/NS
6:08:23 PM ERROR "cpanel.domain.tld" is unmanaged. Verify registration and authoritative nameserver configuration for this domain or "domain.tld" to correct this problem.
6:08:23 PM WARN DNS query error (webdisk.domain.tld/NS): (XID ef329v) DNS request timeout: webdisk.domain.tld/NS
WARN DNS query error (domain.tld/NS): (XID cmzaq8) DNS request timeout: domain.tld/NS
6:08:23 PM ERROR "webdisk.domain.tld" is unmanaged. Verify registration and authoritative nameserver configuration for this domain or "domain.tld" to correct this problem.
6:08:23 PM WARN DNS query error (webmail.domain.tld/NS): (XID fw2wsj) DNS request timeout: webmail.domain.tld/NS
6:08:40 PM WARN DNS query error (domain.tld/NS): SERVFAIL (2)
6:08:40 PM ERROR "*.domain.tld" is unmanaged. Verify this domain"s registration and authoritative nameserver configuration to correct this problem.
6:08:40 PM WARN DNS query error (domain.tld/NS): SERVFAIL (2)
WARN DNS query error (domain.tld/NS): SERVFAIL (2)
WARN DNS query error (domain.tld/NS): SERVFAIL (2)
WARN DNS query error (domain.tld/NS): SERVFAIL (2)
6:08:40 PM ERROR "webmail.domain.tld" is unmanaged. Verify registration and authoritative nameserver configuration for this domain or "domain.tld" to correct this problem.
6:08:40 PM WARN DNS query error (cpcontacts.domain.tld/NS): SERVFAIL (2)
6:08:40 PM ERROR "cpcontacts.domain.tld" is unmanaged. Verify registration and authoritative nameserver configuration for this domain or "domain.tld" to correct this problem.
6:08:40 PM WARN DNS query error (cpcalendars.domain.tld/NS): SERVFAIL (2)
6:08:40 PM ERROR "cpcalendars.domain.tld" is unmanaged. Verify registration and authoritative nameserver configuration for this domain or "domain.tld" to correct this problem.
6:08:40 PM WARN DNS query error (www.domain.tld"
6:08:40 PM WARN DNS query error (whm.domain.tld/NS): SERVFAIL (2)
6:08:40 PM ERROR "whm.domain.tld" is unmanaged. Verify registration and authoritative nameserver configuration for this domain or "domain.tld" to correct this problem.
AutoSSL cannot confirm management status for any of this user"s 10 domains. AutoSSL cannot secure any domain without confirming its management status.
6:08:40 PM WARN DNS query error (mail.domain.tld/CAA): SERVFAIL (2)
6:08:40 PM CA authorized: "mail.domain.tld"
6:08:40 PM WARN DNS query error (cpanel.domain.tld/CAA): SERVFAIL (2)
6:08:40 PM CA authorized: "cpanel.domain.tld"
6:08:40 PM WARN DNS query error (webdisk.domain.tld/CAA): SERVFAIL (2)
6:08:40 PM CA authorized: "webdisk.domain.tld"
6:08:40 PM WARN DNS query error (webmail.domain.tld/CAA): SERVFAIL (2)
6:08:40 PM CA authorized: "webmail.domain.tld"
6:08:40 PM WARN DNS query error (cpcontacts.domain.tld/CAA): SERVFAIL (2)
6:08:40 PM CA authorized: "cpcontacts.domain.tld"
6:08:40 PM WARN DNS query error (cpcalendars.domain.tld/CAA): SERVFAIL (2)
6:08:40 PM CA authorized: "cpcalendars.domain.tld"
6:08:40 PM WARN DNS query error (whm.domain.tld/CAA): SERVFAIL (2)
6:08:40 PM CA authorized: "whm.domain.tld"
"Let"s Encrypt"" is authorized to issue certificates for 10 of this user"s 10 domains.
6:08:40 PM AutoSSL cannot increase "domain""s SSL coverage.
6:08:40 PM The system finished checking 1 user.
Emptying Let"s Encrypt"s DCV (Domain Control Validation) cache "
I've tried running from a support article
for i in {a..m}; do echo -n "$i.root-servers.net: "; dig -4 "$i".root-servers.net @"$i".root-servers.net +short;done
and everything returns as it should.
I have tried going to my domain from a another network and it is able to be accessed from the outside.
Again, AutoSSL with Lets Encrypt was working correctly before hand without any issue on the Cloudlinux 7 install.
Any suggestions would be greatly appreciated.
-
Hey there! *Something* must be up with the DNS in order for the tool to generate that error. Can you try scanning the domain with intodns.com and see if there is anything out of the ordinary listed there? 0 -
Everything is either green or blue. The only this is there is a warning for "Not all of your nameservers are in different subnets" but thats because I just have one server for everything. 0 -
Alright, so the resolver test is good and DNS itself looks good. Can you try this command to see if it shows anything useful? /scripts/cpdig domain.com A --verbose
Just replace "domain.com" with the domain you're checking and see if that shows anything helpful.0 -
So I got this as a result. 0.0.0.0 is my domain's IP. [1695792629] libunbound[1279029:0] notice: init module 0: validator [1695792629] libunbound[1279029:0] notice: init module 1: iterator [1695792629] libunbound[1279029:0] info: resolving domain.tld. A IN [1695792629] libunbound[1279029:0] info: priming . IN NS [1695792629] libunbound[1279029:0] info: response for . NS IN [1695792629] libunbound[1279029:0] info: reply from <.> 199.9.14.201#53 [1695792629] libunbound[1279029:0] info: query response was ANSWER [1695792629] libunbound[1279029:0] info: priming successful for . NS IN [1695792629] libunbound[1279029:0] info: resolving l.root-servers.net. AAAA IN [1695792629] libunbound[1279029:0] info: resolving m.root-servers.net. AAAA IN [1695792629] libunbound[1279029:0] info: resolving m.root-servers.net. A IN [1695792629] libunbound[1279029:0] info: response for l.root-servers.net. AAAA IN [1695792629] libunbound[1279029:0] info: reply from <.> 192.203.230.10#53 [1695792629] libunbound[1279029:0] info: query response was REFERRAL [1695792629] libunbound[1279029:0] info: response for m.root-servers.net. AAAA IN [1695792629] libunbound[1279029:0] info: reply from <.> 198.97.190.53#53 [1695792629] libunbound[1279029:0] info: query response was REFERRAL [1695792629] libunbound[1279029:0] info: response for m.root-servers.net. A IN [1695792629] libunbound[1279029:0] info: reply from <.> 192.58.128.30#53 [1695792629] libunbound[1279029:0] info: query response was REFERRAL [1695792629] libunbound[1279029:0] info: response for domain.tld. A IN [1695792629] libunbound[1279029:0] info: reply from <.> 193.0.14.129#53 [1695792629] libunbound[1279029:0] info: query response was REFERRAL [1695792629] libunbound[1279029:0] info: response for domain.tld. A IN [1695792629] libunbound[1279029:0] info: reply from 192.33.14.30#53 [1695792629] libunbound[1279029:0] info: query response was REFERRAL [1695792629] libunbound[1279029:0] info: resolving ns2.domain.tld. AAAA IN [1695792629] libunbound[1279029:0] info: resolving ns1.domain.tld. AAAA IN [1695792629] libunbound[1279029:0] info: response for domain.tld. A IN [1695792629] libunbound[1279029:0] info: reply from 0.0.0.0#53 [1695792629] libunbound[1279029:0] info: query response was ANSWER 0.0.0.0 0 -
That looks perfect to me - I've run out of obvious things to check on my end, so could you submit a support ticket to our team and then post the number here so I can follow along? 0 -
The Ticket ID is 95130287 0 -
Thanks for that - it looks like our team found potential DNS propagation problems with the zone as it doesn't seem to be properly resolving at all times. If you don't believe the issue is related to propagation, and the DNS has not been changed for 48 hours or more, please let us know in the ticket so we can try some additional tests. 0
Please sign in to leave a comment.
Comments
7 comments