SSL certificate for hostname was replaced with self-signed one and now browser showing SSL warning
I have been getting about SSL certificate expiration warning for Service SSL Certificates. I have searched in the cPanel forum and found posts saying that I can ignore those warning emails since SSL will be automatically replace with the new one.
It, in fact, did but with a self-signed one. So now, when I go to my whm login page, I got SSL warning.
I tried to run this command "/usr/local/cpanel/bin/
Here is the terminal output of that command
-
Hey there! If you create a file inside the /var/www/html/.well-known/pki-validation directory, are you able to access that in the web browser normally? You could just create a page named text.txt and access it at your.hostnam.com/test.txt to test this.
If that doesn't work, that would lead to the AutoSSL you're receiving.
0 -
Hi,
Thanks for your reply.
First of all, this is not about a cPanel account's SSL; it is about WHM Service SSL.
There are 2 hostnames for my server.
One is provided by hosting before setting my custom hostname using WHM's Change Hostname interface. Let's say "vps-2c4933c7.vps.hosting.provided".Another one is my custom hostname, set by me using the mentioned interface. Let's say "cloud.myhostname.org".
Now I have logged into my server as root and created a "test.txt" file at /var/www/html/.well-known/pki-validation/test.txt and when I go to both of the following links, I get an SSL warning, but I can see the content of the text file.
https://vps-2c4933c7.vps.hosting.provided/.well-known/pki-validation/test.txt
https://cloud.myhostname.org/.well-known/pki-validation/test.txtWhat's next?
0 -
Thanks for the additional details. Those are all good signs, and what we want to see.
What happens if you run this, using the hostname of the server?
/scripts/cpdig your.hostname.com A
Does that return the correct IP address for the hostname of the machine?
0 -
Yes, it returns the IP address of the server. By the way, this is not the first time getting the SSL for the hostname. I was able to install cPanel-signed SSL for the first year. This is renewing for another year, and the problem occurs this time.
0 -
At this point it's likely best to create a ticket with either us or your host to have us take a look, as those whole process should be seamless for end users.
0 -
It appears that there is a DNS issue with your hostnames, as indicated by the error. I have confirmed that the A records for the hostnames are not reflecting as depicted in the provided screenshots:
The SSL renewal is being hindered by this DNS issue. I recommend contacting your hosting provider to address and rectify the DNS issue. Once the DNS is resolved, attempt to renew the SSL, and it should be successfully installed.
0 -
Thank you for your input but those are not actual hostnames. I have replaced them with dummy ones
1
Please sign in to leave a comment.
Comments
7 comments