AutoSSL fails on DNSONLY
Hello
I've been receiving errors regarding my SSL certificate on one of my DNSONLY servers.
When I run the /usr/local/cpanel/bin/checkallsslcerts on it the errors are:
Net::ACME2::X::Generic: No key ID has been set. Either pass “key_id” to new(), or create_account().
==> Net::ACME2::X::Generic::new('Net::ACME2::X::Generic', 'No key ID has been set. Either pass “key_id” to new(), or create_account().') (called in /usr/local/cpanel/3rdparty/perl/536/cpanel-lib/X/Tiny.pm at line 169)
==> X::Tiny::create('Net::ACME2::X', 'Generic', 'No key ID has been set. Either pass “key_id” to new(), or create_account().') (called in /usr/local/cpanel/3rdparty/perl/536/cpanel-lib/Net/ACME2.pm at line 609)
==> Net::ACME2::_die_generic('No key ID has been set. Either pass “key_id” to new(), or create_account().') (called in /usr/local/cpanel/3rdparty/perl/536/cpanel-lib/Net/ACME2.pm at line 539)
==> Net::ACME2::_require_key_id(Net::ACME2::LetsEncrypt=HASH(0x41013e0), HASH(0x4064648)) (called in /usr/local/cpanel/3rdparty/perl/536/cpanel-lib/Net/ACME2.pm at line 349)
==> Net::ACME2::create_order(Net::ACME2::LetsEncrypt=HASH(0x41013e0), 'identifiers', ARRAY(0x4433a98)) (called in /var/cpanel/perl/Cpanel/SSL/ACME.pm at line 56)
==> Cpanel::SSL::ACME::__ANON__() (called in /usr/local/cpanel/Cpanel/Try.pm at line 193)
==> (eval)() (called in /usr/local/cpanel/Cpanel/Try.pm at line 193)
==> Cpanel::Try::try(CODE(0x436fb60), 'Net::ACME2::X::ACME', CODE(0x3cdbe20)) (called in /var/cpanel/perl/Cpanel/SSL/ACME.pm at line 72)
==> Cpanel::SSL::ACME::create_order_for_domains(Net::ACME2::LetsEncrypt=HASH(0x41013e0), 'ns2.pecmo.com.mx', 'autoconfig.ns2.pecmo.com.mx', 'autodiscover.ns2.pecmo.com.mx', 'cpanel.ns2.pecmo.com.mx', 'cpcalendars.ns2.pecmo.com.mx', 'cpcontacts.ns2.pecmo.com.mx', 'ipv6.ns2.pecmo.com.mx', 'mail.ns2.pecmo.com.mx', 'webdisk.ns2.pecmo.com.mx', 'webmail.ns2.pecmo.com.mx', 'whm.ns2.pecmo.com.mx', 'www.ns2.pecmo.com.mx') (called in /var/cpanel/perl/Cpanel/SSL/ACME/DCV.pm at line 97)
==> Cpanel::SSL::ACME::DCV::new('Cpanel::SSL::ACME::DCV', 'acme', Net::ACME2::LetsEncrypt=HASH(0x41013e0), 'domains', ARRAY(0x1759990), 'provider', Cpanel::SSL::Auto::Provider::LetsEncrypt=HASH(0x3cda128)) (called in bin/checkallsslcerts.pl at line 763)
==> bin::checkallsslcerts::_create_dcv(bin::checkallsslcerts=HASH(0x2faba88), Net::ACME2::LetsEncrypt=HASH(0x41013e0), ARRAY(0x1759990), Cpanel::SSL::Auto::Provider::LetsEncrypt=HASH(0x3cda128)) (called in bin/checkallsslcerts.pl at line 731)
==> (eval)(bin::checkallsslcerts=HASH(0x2faba88), Net::ACME2::LetsEncrypt=HASH(0x41013e0), ARRAY(0x1759990), Cpanel::SSL::Auto::Provider::LetsEncrypt=HASH(0x3cda128)) (called in bin/checkallsslcerts.pl at line 731)
==> bin::checkallsslcerts::_attempt_dcv_for_domains(bin::checkallsslcerts=HASH(0x2faba88), Cpanel::SSL::Auto::Provider::LetsEncrypt=HASH(0x3cda128), 'ns2.pecmo.com.mx', 'autoconfig.ns2.pecmo.com.mx', 'autodiscover.ns2.pecmo.com.mx', 'cpanel.ns2.pecmo.com.mx', 'cpcalendars.ns2.pecmo.com.mx', 'cpcontacts.ns2.pecmo.com.mx', 'ipv6.ns2.pecmo.com.mx', 'mail.ns2.pecmo.com.mx', 'webdisk.ns2.pecmo.com.mx', 'webmail.ns2.pecmo.com.mx', 'whm.ns2.pecmo.com.mx', 'www.ns2.pecmo.com.mx') (called in bin/checkallsslcerts.pl at line 609)
==> bin::checkallsslcerts::_replace_cert_with_ca_signed_cert_from_lets_encrypt(bin::checkallsslcerts=HASH(0x2faba88), 'cpanel') (called in bin/checkallsslcerts.pl at line 443)
==> bin::checkallsslcerts::_check_notify_and_auto_renew_cert_for_service(bin::checkallsslcerts=HASH(0x2faba88), 'cpanel') (called in bin/checkallsslcerts.pl at line 114)
==> bin::checkallsslcerts::run(bin::checkallsslcerts=HASH(0x2faba88)) (called in bin/checkallsslcerts.pl at line 74)
...propagated at /usr/local/cpanel/Cpanel/Try.pm, line 230
-
Hey there! Can you try re-registering Let's Encrypt in WHM >> Manage AutoSSL interface? You can just select "Let’s Encrypt" and then agree to the terms of service and then click the "Save" button at the bottom of the page.
Can you try that and see if that gets things working?
0 -
Hello,
I believe for DNS Only servers there's no UI method for setting that up. Instead, you will need to use the following WHMAPI1 callwhmapi1 set_autossl_provider provider=LetsEncrypt x_terms_of_service_accepted="https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf"
Hope that helps.
1 -
If those details don't work, please try the workaround mentioned here: https://support.cpanel.net/hc/en-us/articles/21161235673751-checkallsslcerts-fails-on-DNS-Only-servers-or-where-AutoSSL-is-disabled
1 -
Thank you, guys! I was able to get the new SSL.
0 -
whmapi1 set_autossl_provider provider=LetsEncrypt x_terms_of_service_accepted="https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf"
Followed by:
/usr/local/cpanel/bin/checkallsslcerts
And now it works. Thanks guys!
0
Please sign in to leave a comment.
Comments
5 comments