The cPanel Store is processing the hostname certificate request

bmango

• October 16, 2017 04:02

Everyday I am receiving about two emails which say: The cPanel Store is processing the hostname certificate request. The system will check the cPanel Store again the next time that "/usr/local/cpanel/bin/checkallsslcerts" runs. The title for the email is: Output from your job 575 Although the job number changes. Can anyone tell me how to stop these emails? I checked the crontab and have set all outputs to > /dev/null 2>&1, so it doesn't seem to be originating from here. I saw one link when researching this topic which suggested going to the Manage2 dashboard, but I didn't even know I had a Manage2 account and have no idea what my login details would be.

• 

  cPWilliamL

  • October 16, 2017 12:34

  Hi bmango, The cPanel Store is processing the hostname certificate request.
  The SSL email is being generated from the nightly maintenance, which runs as a part of the daily update cron job. It sounds like your hostname SSL CRT is about to expire. From the output, it has been validated locally but is still pending external verification. Have you confirmed your hostname currently resolves and that there aren't any firewall blocks that could be preventing the external validation? The DCV files should be located at '/var/www/html/.well-known/pki-validation/'. You can pick one of the DCV files, and test validation by curling it with your hostname:
  # ls /var/www/html/.well-known/pki-validation/ 00A00C268912E85EDEE2A77EB55CBBB0.txt 6950719DCF6FC36E459D2939FED3DC10.txt B36B813F766705ECB1188E5E195CBA11.txt 02C45FD1AEC157354CA43F27D885DE6D.txt 6ACC2ED0348359598502155AC323810F.txt B8920E51603535609E3C9926454F6378.txt # curl -sI "./.well-known/pki-validation/00A00C268912E85EDEE2A77EB55CBBB0.txt" HTTP/1.1 200 OK Date: Mon, 16 Oct 2017 12:29:30 GMT Server: Apache Last-Modified: Wed, 06 Sep 2017 20:38:21 GMT Accept-Ranges: bytes Content-Length: 77 Content-Type: text/plain
  Output from your job 575
  This could be coming from a large range of cron jobs as this is generic for any cron job that produces output. Is there no other information in the email? If not, you may need to correlate the time of the email with the cron log at '/var/log/cron'.

  0
• 

  bmango

  • October 17, 2017 14:24

  Thanks very much for your reply. I checked the location of the DCV files and they seem to be at /usr/local/apache/htdocs. I tried using curl and got the following output:
  curl -sI "/8CC24C30E69EDEA83F9758CA8549A636.txt" HTTP/1.1 200 OK Date: Tue, 17 Oct 2017 11:05:47 GMT Server: Apache Last-Modified: Sat, 14 Oct 2017 22:35:59 GMT Accept-Ranges: bytes Content-Length: 53 Content-Type: text/plain
  I think the firewall may be the issue so I have whitelisted the comodo IPs which I found at

  0
• 

  cPWilliamL

  • October 18, 2017 12:11

  This is not the correct path, which may be why the validation has not completed. Could you confirm your cPanel version? As of 62.0.26, 64.0.32, and 66.0.1, the DCV file should exist in the '/usr/local/apache/htdocs/.well-known/pki-validation' directory for EA3 and '/var/www/html/.well-known/pki-validation' for EA4. If you are not on one of these versions or greater, you'll need to update cPanel so it stores the DCV file in the new path, which was required by Comodo.

  0
• 

  bmango

  • October 23, 2017 10:05

  Thanks again for your reply. In the end I followed the instructions at Free cPanel-Signed Hostname Certificate - cPanel Knowledge Base - cPanel Documentation to disable the requests by adding a file "disable_service_certificate_management" in the /var/cpanel/ssl folder. I also updated the cPanel to the latest version, as mine had not been updated for about 2 years!

  0

Please sign in to leave a comment.