AutoSSL not renewing SSL-certificates
The last few days, SSL-certifcates provided by AutoSSL are no longer being renewed.
The AutoSSL logs show the following:
[code]
...
...
[/code]
Any idea how to include the .cab file somehow?
-
Hey there! This is a known issue, and we do have case CPANEL-45964 you can read about here:
but at this time I don't have a workaround available. Our team is working on that case and I'll be sure to post an update once I hear something on my end!
0 -
Richard van - is your server using Sectigo as the AutoSSL provider?
0 -
@CPRex: Yes, it is using Sectigo as (sole) AutoSSL provider.
0 -
Thanks for that information. I'm guessing you're also in version 118 or older - could you try switching to Let's Encrypt and see if you still experience the issue? https://support.cpanel.net/hc/en-us/articles/360050823313-How-to-install-and-enable-the-Let-s-Encrypt-provider-for-AutoSSL
1 -
Good afternoon, I am having the same problem, I have already switched to Lets Encrypt but the problem within "Manage Service SSL" continues and in a few days my certificate will expire.
0 -
Jorge Riveros - what output do you get from /usr/local/cpanel/bin/checkallsslcerts? That should show more details about the specific error.
0 -
I suposed that is the same output
0 -
Yes, that issue is the same as case CPANEL-45964 that I mentioned above.
0 -
Good afternoon,
I'm having the same issue.3:00:07 PM WARN Certificate verification failed! The system did not find the Certificate Authority Bundle that matches this certificate. Contact “cPanel, LLC” to obtain the Certificate Authority Bundle for “cPanel ECC Domain Validation Secure Server CA 3”. at /usr/local/cpanel/Cpanel/SSL/Auto/Provider.pm line 999.WARN (XID 8kzrng) The system failed to install an SSL certificate onto the website “XXXXXX” because of the following error: Certificate verification failed! The system did not find the Certificate Authority Bundle that matches this certificate. Contact “cPanel, LLC” to obtain the Certificate Authority Bundle for “cPanel ECC Domain Validation Secure Server CA 3”.the output of /usr/local/cpanel/bin/checkallsslcerts is:
The system will check for the certificate for the “cpanel” service.
The system will attempt to verify that the certificate for the “cpanel” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “cpanel” service passed all checks.
The system will check for the certificate for the “dovecot” service.
The system will attempt to verify that the certificate for the “dovecot” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “dovecot” service passed all checks.
The system will check for the certificate for the “exim” service.
The system will attempt to verify that the certificate for the “exim” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “exim” service passed all checks.
The system will check for the certificate for the “ftp” service.
The system will attempt to verify that the certificate for the “ftp” service is still valid using OCSP (Online Certificate Status Protocol).
The certificate for the “ftp” service passed all checks.
Is there any workaround for solving it?0 -
Unfortunately no, there is no current workaround for the CA bundle issue.
0 -
hi,
i have the same issue
6:16:05 PM WARN Certificate verification failed! The system did not find the Certificate Authority Bundle that matches this certificate. Contact “cPanel, LLC” to obtain the Certificate Authority Bundle for “cPanel ECC Domain Validation Secure Server CA 3”. at /usr/local/cpanel/Cpanel/SSL/Auto/Provider.pm line 933.
WARN (XID stepq6) The system failed to install an SSL certificate onto the website XXXX because of the following error: Certificate verification failed! The system did not find the Certificate Authority Bundle that matches this certificate. Contact “cPanel, LLC” to obtain the Certificate Authority Bundle for “cPanel ECC Domain Validation Secure Server CA 3”.0 -
I followed cPRex post to switch to Let's Encrypt and then manually checked AutoSSL on each user on my server and SUCCESS!!
cPRex said "Thanks for that information. I'm guessing you're also in version 118 or older - could you try switching to Let's Encrypt and see if you still experience the issue? https://support.cpanel.net/hc/en-us/articles/360050823313-How-to-install-and-enable-the-Let-s-Encrypt-provider-for-AutoSSL "1 -
I'm glad to hear that helped!
0 -
I performed those steps but I still continue with the error
0 -
Jorge Riveros - our team is still looking into the original case mentioned earlier in the thread, as switching to Let's Encrypt isn't resolving the problem for all users.
0 -
If I choose one of these options could it work?
0 -
I can't say for sure, as that would be using another certificate that is already on the machine. It may be best to create a ticket so this can be examined directly on the server.
0 -
Website has been down for a while because of this. I disabled AUTOssl to try to install my own certificate that I got from ZeroSSL. It doesn't work. I get a
0: communication failure
/cpsess5912262388/execute/SSL/install_sslAlso "response" is just a blank bar.
When I force renew
Certificate verification failed! The system did not find the Certificate Authority Bundle that matches this certificate. Contact “cPanel, LLC” to obtain the Certificate Authority Bundle for “cPanel ECC Domain Validation Secure Server CA 3”. at /usr/local/cpanel/Cpanel/SSL/Auto/Provider.pm line 933.
Cpanel::Exception/(XID vwdwt4) The system failed to install an SSL certificate onto the website “cursors-4u.com” because of the following error: Certificate verification failed! The system did not find the Certificate Authority Bundle that matches thiscertificate. Contact “cPanel, LLC” to obtain the Certificate Authority Bundle for “cPanel ECC Domain Validation Secure Server CA 3”.I don't even have a LetsEncrypt option on my cpanel anymore. I have no idea WTF is going on. Frustrating.
0 -
@torrocks: You'll have to manually install that SSL certificate, totally bypassing AutoSSL, just like you're installing one from another provider (e.g. RapidSSL, Sectigo).
1 -
any news about this?
0 -
Our team is still working on the case right now and doing some testing. It's our highest priority issue at the moment so I'm hoping there is a fix soon.
0 -
any news about this?
0 -
I just spoke with the team and it's still being worked on at this time.
1 -
any news?
0 -
I will be sure to post when I have an update from the team.
0 -
HELP same issue
0 -
Alin Vladic - the team is still working on the case and I'll be sure to post once I have an update.
1 -
thank you cprex but this is so so important please
0 -
hey guys please this is important how long it will take it has been a while now please :) needs to be sorted
0 -
changing to Lets Encrypt worked for me, thank you!!
0
Please sign in to leave a comment.
Comments
74 comments