AutoSSL Renewals
1. I'm in the situation on one of the certificates expired. The new one are in pending status. Meantime the website keep display the window showing Invalid Cert warning to end users who browse the site.
That's not good at all for those domains. And the cherry on top is that other domains SSL will expire in the next few days. There is no pending new SSL in the system for them. So seams that your built in system AutoSSL are requesting the new SLL only after the old one expired.
-
Hello @chiareu, Could you browse to the "Logs" tab in "WHM >> Manage AutoSSL" and view the most recent log to let us know the specific message you see regarding this domain name? And the cherry on top is that other domains SSL will expire in the next few days. There is no pending new SSL in the system for them. So seams that your built in system AutoSSL are requesting the new SLL only after the old one expired.
Were these certificates generated via the AutoSSL feature, or are these non-AutoSSL certificates the AutoSSL feature is replacing because you have enabled Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates under the "Options" tab in "WHM >> Manage AutoSSL"? The expiring non-AutoSSL certificates are replaced when they expire within 3 days, as opposed to the 15-day expiry window used when certificates generated through the AutoSSL feature are replaced. Thank you.0 -
Hi, here we have last log entries for that domain: Log for the AutoSSL run for all users: Saturday, February 18, 2017 2:00:01 AM GMT+0200 (cPanel (powered by Comodo)) 2:00:01 AM This system has AutoSSL set to use "cPanel (powered by Comodo)". 2:00:01 AM Checking websites for "example" " 2:00:01 AM The website "example.ro", owned by "example", has a faulty SSL certificate (OPENSSL_VERIFY:0:10:CERT_HAS_EXPIRED ALMOST_EXPIRED AUTOSSL_READY_FOR_RENEWAL). AutoSSL will attempt to replace this certificate. 2:00:02 AM The system will attempt to renew SSL certificates for the following websites: 2:00:02 AM example.ro (example.ro www.example.ro mail.example.ro) 2:00:02 AM The system has completed the AutoSSL check for "example". AutoSSL Pending Queue Showing 1 - 3 of 3 items Domain Website User Request Time Order Item ID Status mail.example.ro example.ro example Feb 12, 2017 12:00:01 AM 112909161 Pending www.example.ro example.ro example Feb 12, 2017 12:00:01 AM 112909161 Pending example.ro example.ro example Feb 12, 2017 12:00:01 AM 112909161 Pending
0 -
Same story here. Status remains "Pending". 0 -
No offense to cPanel but the Comodo SSL's are a pain, I would recommend using LetsEncrypt, its very easy to install with one command via SSH and have much less issues.: The Let's Encrypt Plugin - cPanel Knowledge Base - cPanel Documentation 0 -
Hello, Feel free to open a support ticket using the link in my signature so we can verify why the AutoSSL validation process isn't succeeding. You can post the ticket number here and we can update this thread with the outcome. Thank you. 0 -
+1 - many pending requests in the queue. most of them are 6 to 7 days old. Previously issued certificates have expired. I tried removing them from the server and requesting new check - but request end up in the queue with "pending" state, saying - "...waiting AutoSSL provider to validate and issue..." 0 -
I tried removing them from the server and requesting new check - but request end up in the queue with "pending" state, saying - "...waiting AutoSSL provider to validate and issue..."
Do you notice any additional output for these domain names in the most recent log under the "Logs" tab in "WHM >> Manage AutoSSL"? Thank you.0 -
Some log entries end with "SUCCESS The certificate is now installed!". Some, especially for the user in question, still has "The system has completed the AutoSSL check for "username"." Is there way to removed entries from active queue and just try with a new request? Does system use any non-stadard ports for this? 0 -
Hello, The domain validation process occurs over the standard Apache port (e.g. 80). Could you open a support ticket so we can take a closer look to see why domain validation is failing for the accounts in question? Thank you. 0
Please sign in to leave a comment.
Comments
9 comments