Skip to main content

AutoSSL reduced SSL coverage etc...

Comments

9 comments

  • cPRex Jurassic Moderator

    Hey there!  This just indicates that the old certificate covered those subdomains but the new certificate does not.  If you don't use those subdomains, or they have recently been removed, there is nothing you need to adjust on your end.

    0
  • Amiga500

    So these subdomains were all auto-created by the system from what I've been told.  Is there a way to disable SSL for them to avoid these messages in the future?

    0
  • cPRex Jurassic Moderator

    Sure - you can do that from cPanel using the details here - https://support.cpanel.net/hc/en-us/articles/360050034234-Exclude-a-domain-from-AutoSSL

    0
  • Amiga500

    Cool. Thank you very much!

    0
  • cPRex Jurassic Moderator

    You're welcome!

    0
  • Amiga500

    Hi,

    One more question about this topic. How often does cPanel run a AutoSSL check/scan?  We are thinking of just ignoring these messages for subdomains as they were auto created and not really needed, but at the same time I don't want our Help Desk being inundated with warning notifications from the server.  TY

    0
  • cPRex Jurassic Moderator

    The AutoSSL check happens daily as part of the nightly maintenance.

    0
  • Amiga500

    Hi,

    Is there a way to prevent the system from auto creating these subdomains that don't get used which trigger these "AutoSSL reduced SSL coverage" notifications?  Our Help Desk gets hammered when this  AutoSSL scan happens. Not sure if the notification is a one time deal and you only get notified when there's a new domain that it hasn't scanned yet?

    We could turn the notifications off I suppose but then we wouldn't get notified when one of the parent domains has an issue.

    The bigger issue is how the notification system is set up on cPanel.  You can only have ONE email address which you can set to receive HIGH or HIGH/MEDIUM notifications etc....  It would be nice if you could have a second email address where you could receive Medium or Low notifications.  Problem solved.  Then we could set these AutoSSL notifications to Medium and have them go to a separate email address for the Help Desk to review rather than having everything go to their pager/main notification route which should be for critical system notifications only.  It would be nice to have more flexibility in how the notification system is set up in cPanel. I did submit a feature request.  But I'm sure we will either never see anything happen or it will take a long time before the feature is added.  In the mean time, we are having to turn off multiple notification so our Help Desk doesn't get inundated with non critical notifications.  Yet, some of these we would still like to keep an eye on but....

    0
  • cPRex Jurassic Moderator

    Sure - you can disable the service domains in WHM >> Tweak Settings so those won't get created.

    For a change like that to the notification area we'd need a feature request, which can be submitted at features.cpanel.net

    0

Please sign in to leave a comment.