Please translate these cryptic warning messages
Can someone plain translate these messges I oftentime recieve, and how to avoid?:
There is no recorded error on the system for “www.domain-name.com”. This might mean that this domain failed DCV (Domain Control Validation) when the system requested the new certificate, but the domain has since passed DCV.
There is no recorded error on the system for “mail.domain-name.come”. This might mean that this domain failed DCV (Domain Control Validation) when the system requested the new certificate, but the domain has since passed DCV.
-
I guess you are getting this while renewing/adding SSL for that domain name? It says that one check failed but another type of check succeeded so the certificate should have been issued. Do you see any issues?
Andrew N. - cPanel Plesk VMWare Certified Professional
Do you need immediate assistance? 20 minutes response time!* Open a ticket
EmergencySupport - Professional Server Management and One-time Services1 -
Could you also confirm if this was an email notification (as well as the subject, if so) or something inside the interface?
0 -
Hello cPRrex and thank you for responding!
Yes, it is an email unfortunately they have been deleted so I can't dig up the subject line. I receive these messages whenever the domain ssl is updated.
0 -
Thanks for the additional details. I found the following article talking about this change with Let's Encrypt:
I left a comment on that case for our team referencing this thread, and I'll be sure to post updates if I hear anything on my end!
0 -
thank you cPRex that is very informative and useful. The link basically says:
Procedure
Log into cPanel as the user that owns the domain.
Navigate to "Security » SSL/TLS Status."
Click "Exclude from AutoSSL" next to the domain.
That's it! After performing these steps, AutoSSL will no longer complain about losing coverage for this domain, and subsequent AutoSSL runs will be faster.
If there is a large number of domains that need to be excluded, select the checkbox next to each domain, then click "Exclude # Domain(s) from AutoSSL" in the section above the Domains table.
A domain may be included in AutoSSL after it has been excluded by following the procedure in Include a domain in AutoSSL.
Further documentation can be found on SSL/TLS Status hereSo the language is a bit confusing: will it just "not complain" or will it be excluded. "Not complaining is good" being "excluded" could cause issues, no?
0 -
I did reach out to our developers about this issue as it seems it's become a bit more prominent since the default is now Let's Encrypt. The case number associated with the new work on this is EK-96 and the developers are actively looking at this now, so I'll post an update once I have more details.
0 -
Hi cPRex. Can you please ask them for an approximate timeframe for this issue to be resolved? It's causing all our clients to stress out and it's wasting our time explaining that the email is wrong.
0 -
The best answer I have at this point is "soon" - it's scheduled to be fixed in version 120, but there is also a backport request to 110, 116, and 118.
0 -
Hi cPRex. That's great news, thanks for your help so far!
Can you please clarify, I believe version 120 is estimated to be released in April?
And when they release 120 (presumably including the fix), is it expected to take a long time to backport to 110, 116, 118 or does that happen within days/weeks?
If possible, it would be great to hear that the fix is still expected to be included in version 120...
0 -
120 is getting released to Edge on Tuesday if everything goes according to plan.
I still see the requests for the backport in place, although those haven't been completed. It looks like our work on the case has stalled as we are struggling to reproduce this in recent builds.
Nick - if you're still seeing this behavior in 118, could you please submit a ticket from an affected system so we can get some more details for testing?
0 -
> if you're still seeing this behavior in 118, could you please submit a ticket from an affected system so we can get some more details for testing?
I'm not using 118. I'm using 110.0.24 (CloudLinux v7.9.0 STANDARD kvm).
It's still happening. If you need any further details please let me know.
0 -
I'm not sure if the backport will make it to 110 at this point, as that is only going to receive the most critical of updates until it reached end-of-life in July.
0
Please sign in to leave a comment.
Comments
12 comments