AutoSSL Mail Node
Good afternoon!
I'm having trouble performing autossl on my exclusive Mailnode server!
When attempting to generate a certificate, it simply doesn't react at all. I'm seeking help to understand what might be causing this issue and how I can correct it.
Here are some screenshots that show the certificate generation process:
I appreciate in advance any assistance or guidance you can provide.
-
Hey there! Can you try running the following command to see if that provides any useful output? /usr/local/cpanel/bin/autossl_check --user=username
Just replace "username" with the username of one of your accounts.0 -
Hey there! Can you try running the following command to see if that provides any useful output?
/usr/local/cpanel/bin/autossl_check --user=username
Just replace "username" with the username of one of your accounts.
It returns to me that it is a child account, which in fact is because it is a mailnode server. Is there any other way to be able to issue SSL to mail.domain webmail.domain?0 -
Alright, I've done some testing with this and reached out to the development team about this so I have some good answers for you. In general, AutoSSL is handled on the parent server. The only exception to this would be is if you're creating mail-only plans and you have created the account directly on the mail node machine. If you do have a directly-created account, you'll find that the AutoSSL tools work well. For a linked node where the account was created on the parent machine, all AutoSSL activity would happen on the parent - the '"username" is a child account. Skipping...' notice that you're getting is expected, as the parent controls the SSL. Does that help clear things up? 0 -
Alright, I've done some testing with this and reached out to the development team about this so I have some good answers for you. In general, AutoSSL is handled on the parent server. The only exception to this would be is if you're creating mail-only plans and you have created the account directly on the mail node machine. If you do have a directly-created account, you'll find that the AutoSSL tools work well. For a linked node where the account was created on the parent machine, all AutoSSL activity would happen on the parent - the '"username" is a child account. Skipping...' notice that you're getting is expected, as the parent controls the SSL. Does that help clear things up?
I fully understand your response. The mailnode is just a mail server, it inherits everything that is in the parent, but the IP pointing of webmail and mail is to the mailnode server, ie the parent server can not perform issuance of the SSL certificate. Another point the child server even being mailnode it does not give me the option to generate the autossl and this left me confused, if in case it becomes an exception and should work normally why the error? obs: Below is SSL generated by the primary parent server. Mail and Webmail are without authentication due to the pointing IP being for the mailnode.0 -
That's the opposite of the behavior we're expecting to see. Could you create a ticket with our team so we can see your node and child in action? That will let us do some direct troubleshooting and we can get you more details then. 0 -
Our team found that the parent server was not the authoritative DNS server for the domains, so the certificate was not being issued, as that is a requirement for the distributed nodes to receive the certificate. You could also configure a DNS cluster with this server in order to get things working, but the DNS *has* to be handled by the parent server and not in a remote system in order for the certificate to get distributed to the chid. 0 -
We're using a DNS cluster and the zones on the parent node, that's how we're able to emit SSL certificates normally on cPanel accounts that are not on the mail node. 0 -
At this point it is best to work through the ticket as we have access to the server there. 0 -
Was this resolved? We're moving closer to mail node implementation
0 -
WebJIVE - I don't believe this thread indicates a general issue with the node system, as the problem was specific to this user's implementation.
1
Please sign in to leave a comment.
Comments
10 comments