AutoSSL not working since update to Almalinux8
AnsweredHi community - first post here.
Just updated from Centos8 to Almalinux8. All seems well apart from the fact that autossl (any type) now fails DCV.
For context, this is a dedicated server, been running fine along with autossl for about 3 years now.
I've explored a few things and turning up nothing so feel best I ask if anyone else has had this issue.
Things that I've observed.
Doing a dig against a hosted domain resolves to an internal IP - not the correct IP from DNS (checked on another machine).
The internal IP I've never seen before, looking under IP Functions -> Show od Delete Current IP Addresses, I can see this IP as a "local" IP, and the linked public IP is correct.
Server IP is correct in basic webhost manager.
The rogue IP address does appear in /etc/wwwacct.conf and /etc/resolv.conf (I did edit these, and do a reboot, but nothing changed, so changed them back).
At a bit of a loss now. I have logged this with my hosting provider ANS, but they've been less than helpful. Tried to log a ticket here, however it advises that ANS manage the support.
Any help would be greatly appreciated.
-
Hi cPRex, ok, I thought I'd ask at least.
I'll give my host another 24 hours, if not, I'll reach out.
Thank you for your quick response. It's appreciated.1 -
Hey there! Do you get the correct IP address for the domain when you run the following command?
/scripts/cpdig domain.com A
This will check the DNS the way cPanel and AutoSSL does, so it's a good place to start.
To be clear, if your host isn't able to resolve the issue, they should escalate the problem to us.
0 -
Hi cPRex!
Thanks for the reply and the steps. Running that comment shows the incorrect IP address...
Thanks for the information about their escalation process that's good to know. Currently my ticket is sat in their system as a P3 with 28 days until a response... joy!0 -
As long as cpdig shows the incorrect IP, I would expect AutoSSL to fail as well. Hopefully the host will be able to get that resolved for you - if the sites are working as expected it is likely an issue with the NAT configuration on the system.
0 -
Yes, thats exactly the situation which makes all this odd. The sites load just fine. Only the SSL fails, and digs from the server itself. Everything else is fine.
The NAT configuration, where abouts would that be located? I will go and have a look and see if I can spot anything obvious.0 -
I'm not sure it's really "located" anywhere, but if the sites are working well, that is also fine.
0 -
Still nothing from my host. I've posted your pointers in a view to help them, but I've not gotten any reply as of yet.
Is there a way I can raise a ticket direct with you guys?0 -
If your license isn't purchased directly from us there isn't a way to do that. If you'd like to reach out to cs@cpanel.net with feedback about your support interaction with your host, we'd like to hear that.
0 -
Have now emailed as requested. Still no response from my host.
0 -
I'm sorry to hear that - it seems to be a network issue of some sort, so it would be best if they handled that for you.
0 -
Had a reply and finally the issue is resolved. Apparently, they had to turn off "DNS Doctoring"?
Thank you cPRex for your help and guidance. Moving forward I think I'll buy directly from you guys to enable support.
Thanks again.0 -
I've never heard of DNS Doctoring, but I'm glad they figured it out!
0
Please sign in to leave a comment.
Comments
12 comments