Free hostname certificates not updating

xanadu

• March 03, 2017 18:56

For one of our VPS the Comodo certificate for the hostname, expired 4 days ago and the AutoSSL did not install the certificate and as a result we get security warnings when we attempt to log into WHM via HTTPS AutoSSL is working great on all our other servers and I cannot see any setting differences, I am hoping the brains trusts in this forum can give me a clue as to how to remedy this issue.

• 

  Jcats

  • March 04, 2017 03:43

  What happens if you run:
  # /usr/local/cpanel/bin/checkallsslcerts
  Can you provide the output

  0
• 

  xanadu

  • March 04, 2017 19:50

  Thyanks for your interest jcats. Unfortunately nothing happens when I run # /usr/local/cpanel/bin/checkallsslcerts, there is no output.

  0
• 

  Jcats

  • March 04, 2017 21:42

  That usually is a good sign, that there is nothing left to do. Go into WHM > Service Configuration " Manage Service SSL Certificates Click reset on one of the services, then click "Apply Certificate to Another Service" on that same service and apply to all of them. Once that is done, then run
  # /usr/local/cpanel/bin/checkallsslcerts
  again What version of cPanel are you running also?

  0
• 

  smurf

  • March 05, 2017 12:47

  We've experienced this issue as well with the latest cPanel 62. We resolved it using the steps below: 1. Delete the old externally issued host name cert from the following locations:
  /var/cpanel/ssl/domain_tls/

/var/cpanel/ssl/installed/
  2. Delete all 'mycpanel' .pem files from the following directory
  /var/cpanel/ssl/cpanel/
  3. Run:
  /usr/local/cpanel/bin/checkallsslcerts
  Open your WHM / cPanel and hopefully the expired SSL warnings will have gone and you'll see your cPanel issued hostname cert.

  0
• 

  cPanelNick

  • March 05, 2017 21:54

  If you are having a problem getting a free hostname certificate to renew, please open a ticket in WHM or at cPanel Customer Portal with the output of: /usr/local/cpanel/bin/checkallsslcerts --verbose

  0
• 

  xanadu

  • March 06, 2017 04:45

  Thanks everybody, it looks like a time issue: I checked all servers at 0500 AEST and the server that was out of step, no longer has an issue. I guess it was a cPanel timing issue! Cheers all.

  0
• 

  cPanelMichael

  • March 06, 2017 13:47

  Hello @xanadu, I'm happy to see you were able to address the issue. I encourage anyone else experiencing this issue to open a support ticket using the link in my signature, ensuring to include the output from the following command:
  /usr/local/cpanel/bin/checkallsslcerts --verbose
  You can also post the ticket number here so we can update this thread with the outcome. Thank you.

  0
• 

  Luke P

  • March 14, 2017 07:37

  Hi, I'm experiencing this issue. I just ordered a dedicated server last week and had to go through some DNS changes which only happened today after updating the nameservers. I've updated the hostname and tried many different steps with no luck. I have 2 other dedicated servers that have cPanel issued certs for the hostnames with no issues, so I am a bit puzzled. My output for the checkallsslcerts --verbose is as follows: The system will attempt to replace the self-signed certificate for the "dovecot" service with a signed certificate from the cPanel Store. The system will attempt to replace the self-signed certificate for the "cpanel" service with a signed certificate from the cPanel Store. The system will attempt to replace the self-signed certificate for the "ftp" service with a signed certificate from the cPanel Store. The system will attempt to replace the self-signed certificate for the "exim" service with a signed certificate from the cPanel Store. The cPanel Store is processing the hostname certificate request. The system will check the cPanel Store again the next time that "/usr/local/cpanel/bin/checkallsslcerts" runs. I've even run an update on cPanel as my host advised that the certs normally get done overnight but I can trigger this manually by running the cPanel update but still no luck. "/usr/local/cpanel/scripts/upcp" Is this just because the DNS is still updating as that was only done a few hours earlier? I do have a firewall on which I have restricted heavily due to the nature of the site to be hosted on it but I even disabled this during my investigation and updates etc with no luck. Thanks in advance for any guidance you can provide. P.S. Huge fan of cPanel / WHM and to be honest... I've never encountered something I couldn't resolve until now so I've never had a need to post. Seriously amazing work though peeps! :)

  0
• 

  cPanelMichael

  • March 14, 2017 15:30

  Is this just because the DNS is still updating as that was only done a few hours earlier?

  
  Hello, It's possible that's the reason. Can you confirm if the issue still persists at this time? If so, feel free to open a support ticket using the link in my signature if you'd like us to take a closer look. Thank you.

  0

Please sign in to leave a comment.