Missing SSL certificate on DNSOnly
Hello,
I have a cPanel&WHM version 110.0.14
When I open https://dns.*.*.*.ba:2087/
I see that certificate missing.
I don't understand why.
Best regards,
Elizabeta
-
Hello, I checked validity (click about certificate on the page) Best regards, Elizabeta 0 -
Hey there! Can you get me more details on what you mean when you say the certificate is missing? In your screenshot, I can see the padlock in the URL bar, indicating the page is SSL secured. 0 -
Hello, When I click on a web link appears Connection not secure It looks like the certificate is not valid. BR, Elizabeta 0 -
If you click the right arrow in that screenshot does it give you more data about the connection? 0 -
Can you run the following command and tell us the output? /usr/local/cpanel/bin/checkallsslcerts
0 -
Hello, There is output of the command [root@dns ~]# /usr/local/cpanel/bin/checkallsslcerts The system will check for the certificate for the "cpanel" service. The system will attempt to replace the self-signed certificate for the "cpanel" service with a signed certificate from the cPanel Store. The system will attempt to install a certificate for the "cpanel" service from the system ssl storage. None of the certificates in the system ssl storage were acceptable to use for the "cpanel" service. The system will attempt to install a certificate for the "cpanel" service from the cPanel store. [WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: The system failed to acquire a signed certificate from the cPanel Store. ({"domain_details":null,"status":"revoked","status_details":null,"status_message":"Stale CSR"}) The system will check for the certificate for the "exim" service. The system will attempt to replace the self-signed certificate for the "exim" service with a signed certificate from the cPanel Store. The system will attempt to install a certificate for the "exim" service from the system ssl storage. None of the certificates in the system ssl storage were acceptable to use for the "exim" service. Best regards, Elizabeta 0 -
Can you try running this command on the server? mv /var/cpanel/hostname_cert_csrs{,.cpbkp} -v That will remove the state CSR and then you should be able to issue the certificate normally. 0 -
Hello, This is output of the command [root@dns ~]# mv /var/cpanel/hostname_cert_csrs{,.cpbkp} -v "/var/cpanel/hostname_cert_csrs" -> "/var/cpanel/hostname_cert_csrs.cpbkp" @cPRex Maybe I should do mv /var/cpanel/hostname_cert_csrs.cpbkp -v BR, Elizabeta 0 -
Hello, I run mv /var/cpanel/hostname_cert_csrs.cpbkp -v mv: missing destination file operand after "/var/cpanel/hostname_cert_csrs.cpbkp" Try 'mv --help' for more information. 0 -
Hello, In directory [root@dns hostname_cert_csrs.cpbkp]# ls -la total 16 drwxr-xr-x 2 root root 24 Sep 25 03:41 . drwx--x--x. 97 root root 8192 Nov 15 10:25 .. -rw------- 1 root root 1223 Sep 25 03:41 2625482447 Can I just remove file 2625482447 ? 0 -
This command mv /var/cpanel/hostname_cert_csrs{,.cpbkp} -v moves directory /var/cpanel/hostname_cert_csrs/ to /var/cpanel/ hostname_cert_csrs.cpbkp that is just making a backup of that directory, you will not really need it or use it. after that you can run command: /usr/local/cpanel/bin/checkallsslcerts and that should install a new certificate. 0 -
Hello, I run [root@dns ~]# mv /var/cpanel/hostname_cert_csrs{,.cpbkp} -v mv: cannot stat "/var/cpanel/hostname_cert_csrs": No such file or directory /usr/local/cpanel/bin/checkallsslcerts The system will check for the certificate for the "cpanel" service. The system will attempt to replace the self-signed certificate for the "cpanel" service with a signed certificate from the cPanel Store. The system will attempt to install a certificate for the "cpanel" service from the system ssl storage. None of the certificates in the system ssl storage were acceptable to use for the "cpanel" service. The system will attempt to install a certificate for the "cpanel" service from the cPanel store. Setting up HTTP DCV (/usr/local/apache/htdocs/.well-known/pki-validation/1AFA994D8D4564FFB0E6EA10F38D67D6.txt) " " complete. Setting up DNS DCV for "dns.wh.tel.net.ba" " " complete. Attempting DNS DCV preflight checks " dns.wh.tel.net.ba: DNS DCV OK www.dns.wh.tel.net.ba: DNS DCV OK mail.dns.wh.tel.net.ba: DNS DCV OK cpanel.dns.wh.tel.net.ba: DNS DCV OK webmail.dns.wh.tel.net.ba: DNS DCV OK whm.dns.wh.tel.net.ba: DNS DCV OK cpcalendars.dns.wh.tel.net.ba: DNS DCV OK cpcontacts.dns.wh.tel.net.ba: DNS DCV OK Succeeded domains: 8 Failed domains: 0 Requesting certificate from cPStore " The cPanel Store returned an error (X::TemporarilyUnavailable) in response to the request "POST ssl/certificate/whm-license/90-day": We were unable to process your request. Please try again later. Undoing HTTP DCV setup (/usr/local/apache/htdocs/.well-known/pki-validation/1AFA994D8D4564FFB0E6EA10F38D67D6.txt) " " complete. Enqueueing undo of DNS DCV setup (CNAME _1afa994d8d4564ffb0e6ea10f38d67d6.dns.wh.tel.net.ba) " Undoing DNS DCV setup " " done. [WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID heg8g8) The cPanel Store returned an error (X::TemporarilyUnavailable) in response to the request "POST ssl/certificate/whm-license/90-day": We were unable to process your request. Please try again later. The system will check for the certificate for the "exim" service. The system will attempt to replace the self-signed certificate for the "exim" service with a signed certificate from the cPanel Store. The system will attempt to install a certificate for the "exim" service from the system ssl storage. None of the certificates in the system ssl storage were acceptable to use for the "exim" service. There is problem again. BR, Elizabeta 0 -
Hello, I run again this command [root@dns ~]# /usr/local/cpanel/bin/checkallsslcerts The system will check for the certificate for the "cpanel" service. The system will attempt to replace the self-signed certificate for the "cpanel" service with a signed certificate from the cPanel Store. The system will attempt to install a certificate for the "cpanel" service from the system ssl storage. None of the certificates in the system ssl storage were acceptable to use for the "cpanel" service. The system will attempt to install a certificate for the "cpanel" service from the cPanel store. Setting up HTTP DCV (/usr/local/apache/htdocs/.well-known/pki-validation/764D4A8B71D25C8F4831B01196AC4C1D.txt) " " complete. Setting up DNS DCV for "dns.wh.tel.net.ba" " " complete. Attempting DNS DCV preflight checks " dns.wh.tel.net.ba: DNS DCV OK www.dns.wh.tel.net.ba: DNS DCV OK mail.dns.wh.tel.net.ba: DNS DCV OK cpanel.dns.wh.tel.net.ba: DNS DCV OK webmail.dns.wh.tel.net.ba: DNS DCV OK whm.dns.wh.tel.net.ba: DNS DCV OK cpcalendars.dns.wh.tel.net.ba: DNS DCV OK cpcontacts.dns.wh.tel.net.ba: DNS DCV OK Succeeded domains: 8 Failed domains: 0 Requesting certificate from cPStore " Order submitted. (Order item ID: 2686979607) The system will check for the certificate for the "exim" service. The system will attempt to replace the self-signed certificate for the "exim" service with a signed certificate from the cPanel Store. The system will attempt to install a certificate for the "exim" service from the system ssl storage. None of the certificates in the system ssl storage were acceptable to use for the "exim" service. The cPanel Store is processing the hostname certificate request. The system will check the cPanel Store again the next time that "/usr/local/cpanel/bin/checkallsslcerts" runs. But when I open link on the web There is a problem again. BR, Elizabeta 0 -
That output looks good, but doesn't indicate that the install completed: "The cPanel Store is processing the hostname certificate request." It's been a few hours since your post, is a new SSL not installed? 0 -
Hello, @cPRex now is everything ok. Thank you very much for your help. Best regards, Elizabeta 0 -
I'm glad to hear things worked well! 0
Please sign in to leave a comment.
Comments
16 comments