Skip to main content

AutoSSL stopped working for new accounts and returning 403 from cpanel store

Answered

Comments

16 comments

  • Saba Anwar

    Was it working fine before? And have you check the HTTPS status of your wordpress before installation? 

    0
  • Unnamed User

    Hello Saba,

    This is shared hosting server and all other old accounts are fine. This issue is happening for two new accounts that are added to server. 

    I am trying to understand error in log but its not complete
    [2024-09-10T06:44:00Z]  AutoSSL failed to request an SSL certificate for “prevozbeogradpag.rs” because of an error: (XID7d6qym) The response to the HTTP (Hypertext Transfer Protocol) “POST” request from “https://store.cpanel.net/json-api/ssl/certificate/free” indicated an error (403, Forbidden): <!DOCTYPE html>
    [2024-09-10T06:44:00Z]  <!--[if lt IE 7…

    Why POST of servers AutoSSL service towards cPanel server https://store.cpanel.net/json-api/ssl/certificate/free is forbidden and returning 403? Is there any additional log that I can check for perhaps full error?

    Thanks,
    Alex

    0
  • Saba Anwar

    Sometimes it takes some time to update the SSL certificate. This has happened with me too. It tool almost a day then it got fixed itself. 
    Just enable the Auto-SSL from your cpanel and wait 

    0
  • cPRex Jurassic Moderator

    Hey there!  I would recommend switching your AutoSSL provider to Sectigo to see if you get better results here - https://docs.cpanel.net/knowledge-base/third-party/the-lets-encrypt-plugin/

    0
  • Unnamed User

    Hello cPRex,

    It seems that we cannot install LE, it looks like same error 403 when our server tries to reach yours

    Installation log:

    # ./install_lets_encrypt_autossl_provider
    Cpanel::Exception::HTTP::Server/(XID pwje3z) The response to the HTTP (Hypertext Transfer Protocol) “GET” request from “https://securedownloads.cpanel.net/cpanel-plugins/0/cpanel-plugins.repo” indicated an error (403, Forbidden): <!DOCTYPE html>
    <!--[if lt IE 7…
     at /usr/local/cpanel/Cpanel/HTTP/Client.pm line 132.
            Cpanel::HTTP::Client::request(Cpanel::HTTP::Client=HASH(0x206be10), "GET", "https://securedownloads.cpanel.net/cpanel-plugins/0/cpanel-pl"..., HASH(0x20127a0)) called at (eval 6) line 6
            HTTP::Tiny::get(Cpanel::HTTP::Client=HASH(0x206be10), "https://securedownloads.cpanel.net/cpanel-plugins/0/cpanel-pl"...) called at /usr/local/cpanel/Cpanel/Plugins/Repo.pm line 111
            Cpanel::Plugins::Repo::get_config() called at /usr/local/cpanel/Cpanel/Plugins/Repo.pm line 66
            Cpanel::Plugins::Repo::install() called at /usr/local/cpanel/Cpanel/Plugins.pm line 140
            Cpanel::Plugins::install_or_upgrade_plugins("cpanel-letsencrypt-v2") called at ./install_lets_encrypt_autossl_provider line 19
            scripts::install_lets_encrypt_autossl_provider::run() called at ./install_lets_encrypt_autossl_provider line 16

    0
  • cPRex Jurassic Moderator

    Interesting - maybe there is a larger issue happening with the server.

    Does a generic "yum update" work on the system?

    1
  • Unnamed User

    Hi cPRex

    That was good lead, command worked but have some broken packages from EPEL repo.

    So we used CentOS vault mirrors and Fedora archive mirrors for EPEL to fix some package broken dependency.

    After all changes we have purged yum cache and created new cache.

    At the end we run cpanel update script from server console and everything is fixed.

    Thanks everyone for help issue is resolved.

    0
  • cPRex Jurassic Moderator

    I'm glad that got you pointed in the right direction!

    0
  • Unnamed User

    We are also facing the same issue, Can you please help us by giving an exact solution? Can you please explain little more  about "So we used CentOS vault mirrors and Fedora archive mirrors for EPEL to fix some package broken dependency."

    0
  • cPRex Jurassic Moderator

    If you are having issues installing the package, can you try running these commands to refresh the Yum data on the system?

    yum clean all
    yum makecache
    yum update
    0
  • Miron Jajtic

    Hi cPRex

    We have the same problem:

     8:12:17 AM Analyzing “<REDACTED>”’s DCV results …
    8:12:17 AM SUCCESS “cPanel (powered by Sectigo)” HTTP DCV OK: <REDACTED>
    SUCCESS “cPanel (powered by Sectigo)” HTTP DCV OK: <REDACTED>
    AutoSSL will request a new certificate.
    8:12:17 AM The system will attempt to renew the SSL certificates for (<REDACTED>).

    ERROR AutoSSL failed to request an SSL certificate for “<REDACTED>” because of an error: (XID 7p68wr) The response to the HTTP (Hypertext Transfer Protocol) “POST” request from “https://store.cpanel.net/json-api/ssl/certificate/free” indicated an error (403, Forbidden): <!DOCTYPE html> <!--[if lt IE 7…
    ERROR AutoSSL failed to request an SSL certificate for “<REDACTED>” because of an error: (XID 7h3npy) The response to the HTTP (Hypertext Transfer Protocol) “POST” request from “https://store.cpanel.net/json-api/ssl/certificate/free” indicated an error (403, Forbidden): <!DOCTYPE html> <!--[if lt IE 7…
    ERROR AutoSSL failed to request an SSL certificate for “<REDACTED>” because of an error: (XID ykvq79) The response to the HTTP (Hypertext Transfer Protocol) “POST” request from “https://store.cpanel.net/json-api/ssl/certificate/free” indicated an error (403, Forbidden): <!DOCTYPE html> <!--[if lt IE 7…
    ERROR AutoSSL failed to request an SSL certificate for “<REDACTED>” because of an error: (XID gnr4a9) The response to the HTTP (Hypertext Transfer Protocol) “POST” request from “https://store.cpanel.net/json-api/ssl/certificate/free” indicated an error (403, Forbidden): <!DOCTYPE html> <!--[if lt IE 7…
    ERROR AutoSSL failed to request an SSL certificate for “<REDACTED>” because of an error: (XID ugu9e4) The response to the HTTP (Hypertext Transfer Protocol) “POST” request from “https://store.cpanel.net/json-api/ssl/certificate/free” indicated an error (403, Forbidden): <!DOCTYPE html> <!--[if lt IE 7…

     

    The installation of the LE provider also does not work, the same error 403 Forbidden:

    # /scripts/install_lets_encrypt_autossl_provider
    Cpanel::Exception::HTTP::Server/(XID pwje3z) The response to the HTTP (Hypertext Transfer Protocol) “GET” request from “https://securedownloads.cpanel.net/cpanel-plugins/0/cpanel-plugins.repo” indicated an error (403, Forbidden): <!DOCTYPE html>
    <!--[if lt IE 7…

     

    Rebuilding the Yum cache `yum clean all; yum makecache; yum update` completes without problems, but the problem with AutoSSL remains.

    Best regards,
    Miron

    0
  • cPRex Jurassic Moderator

    Miron Jajtic - what cPanel version are you using?

    0
  • Miron Jajtic

    It's CentOS v7.9 with cPanel v106.0.18

    0
  • cPRex Jurassic Moderator

    Could you update your server to 110 and try that work again?  Version 110 still supports CentOS 7, and I'm not sure of a good reason for the Let's Encrypt installation to give a 403 error, so updating the system is your best option at this point.

    0
  • Miron Jajtic

    Thanks cPRex, it worked, updated cpanel to version 11.110 and autossl renewed the certificates with Let's Encrypt out of the box.

    0
  • cPRex Jurassic Moderator

    I'm glad that worked!

    0

Please sign in to leave a comment.