AutoSSL Error
I am receiving the error below with AutoSSL on multiple domains. I am uncertain why and have tried everything I can think of to resolve. The error is not very clear. Has anyone ever seen this or know how to resolve?
This seems to indicate a problem with the .htaccess file, but the file functions perfectly. I also added access for AutoSSL to get through the RequireAny.
Log for the AutoSSL run for "user": Thursday, July 20, 2017 3:33:36 PM GMT-0500 (Let"s Encrypt")
3:33:36 PM This system has AutoSSL set to use "Let"s Encrypt"".
3:33:36 PM Checking websites for "user" "
3:33:36 PM The website "domain.com, owned by "user", has a faulty SSL certificate (OPENSSL_VERIFY:0:18:DEPTH_ZERO_SELF_SIGNED_CERT NOT_ALL_DOMAINS). AutoSSL will attempt to replace this certificate.
3:33:37 PM WARN Apache detected an error in the Rewrite config. AH00526: Syntax error on line 121 of /home/user/public_html/.htaccess.2eyxJsegWkooi3vsDaOd8FShnvsp9rEE: <RequireAny> directive contains no authorization directives
Please try again. at /usr/local/cpanel/Cpanel/HttpUtils/Htaccess.pm line 407.
3:33:37 PM The system has completed the AutoSSL check for "user".-
Looks like an issue with your .htaccess Syntax error on line 121 of /home/user/public_html/.htaccess Can you paste that and the surrounding lines 0 -
That is what i thought too, but can't find anything wrong. Apache has no problems with it and works fine. Just seems to be the cPanel script that throws a fit.. Line 121 is actually a comment line: # Allow from dynamic IPv6 host: something.somthing.com /56
The surrounding lines are:# Allow from dynamic IPv4 host: cable.home-office.something.com Require ip 184.30.111.179 # Allow from dynamic IPv6 host: something.something.com /56 Require ip 2605:a000:1111:1111:1111:9e9d:eb0f:f56a/56 # Allow from dynamic IPv6 host: something.something2.com /64 Require ip 2605:a000:1111:1111:1111:cbff:fe25:4516/640 -
I am uncertain why and have tried everything I can think of to resolve.
I suppose the easy answer is, remove that htaccess, and run the SSL update to get the cert installed.0 -
I suppose the easy answer is, remove that htaccess, and run the SSL update to get the cert installed.
That works, but doesn't solve the problem and isn't a long term solution. This is occurring for ~20 accounts on multiple servers...0 -
The docs may be of some use to you: mod_authz_core - Apache HTTP Server Version 2.4 0 -
The docs may be of some use to you: mod_authz_core - Apache HTTP Server Version 2.4
I don't think this has much to do with my issue. My .htaccess file is working great and functions as expected. AutoSSL is the issue here - it seems to be reading the .htaccess file when requesting a new SSL certificate (not sure why) and errors out because it doesn't like something in the file.0 -
Is it? I offered the docs for the code you're using in your htaccess file assuming you might want to check to make sure you can add those lines as you have them. As they are, cPanel's AutoSSL doesn't like them for some reason. AutoSSL isn't an issue, that's how it works. There is a new option in Tweak setting you might like to know about: WebHost Manager "Server Configuration "Tweak Settings, Domains tab: Use a Global DCV rewrite exclude instead of .htaccess modification (requires Apache 2.4+, EA4) When you enable this option, Apache adds global rewrite rules to the webserver configuration so that the system does not process additional rewrite rules for DCV filenames. These global rules make it unnecessary for cPanel & WHM to modify each account"s .htaccess file. Note: When you enable this option, the system receives a trivial performance penalty because all of the HTTP requests must be matched against the DCV filename regular expressions.
HTH!0 -
Line 121 is actually a comment line:
Does removing just the comment lines make any difference?0
Please sign in to leave a comment.
Comments
8 comments