trenten Posted January 5, 2021 Posted January 5, 2021 So before I had my server moved to Tommy, I had to manually install an SSL Certificate using ZeroSSL. Now I am on Tommy and should have AutoSSL. My ZeroSSL certificate for the main trenten.heliohost.org expired a couple days ago. So how can I get the AutoSSL to issue a Certificate for my main domain?I deleted the certificate in one page and on another it says uninstall and gives a warning that this is permanent so I don't want to mess anything up. Currently I can't reach my site using https. Here are some screenshots of what my SSL status is. Deleted Old certificate. Scary Uninstall option that I'm not sure about. The SSL/TLS status page: It doesn't give me the option to run AutoSSL on the domain that has the expired ZeroSSL certificate which I think I deleted as shown above. So any idea on how I can remove the ZeroSSL Cert and have AutoSSL issue and manage all of them? Thanks!
wolstech Posted January 5, 2021 Posted January 5, 2021 It was refusing because the expired certificate was not from AutoSSL. AutoSSL automatically ignores any domain that has a certificate from an outside source. I deleted that expired cert and manually ran it for you: 1:58:45 PM AutoSSL’s configured provider is “cPanel (powered by Sectigo)”. This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log. Analyzing “trenten”’s domains … 1:58:45 PM Analyzing “chy.trenten.heliohost.org” … 1:58:45 PM SUCCESS TLS Status: OK Certificate expiry: 3/29/21, 12:00 AM UTC (82.21 days from now) 1:58:45 PM Analyzing “destiny.trenten.heliohost.org” … 1:58:45 PM SUCCESS TLS Status: OK Certificate expiry: 1/26/21, 12:00 AM UTC (20.21 days from now) 1:58:45 PM Analyzing “trenten.heliohost.org” … 1:58:45 PM ERROR TLS Status: Defective ERROR Defect: NO_SSL: No SSL certificate is installed. 1:58:45 PM Attempting to ensure the existence of necessary CAA records … 1:59:25 PM No CAA records were created. 1:59:25 PM Verifying “cPanel (powered by Sectigo)”’s authorization on domains via DNS CAA records … 1:59:27 PM “cPanel (powered by Sectigo)” is authorized to issue certificates for all domains. 1:59:27 PM Performing HTTP DCV (Domain Control Validation) on 6 domains … 1:59:27 PM Local HTTP DCV OK: trenten.heliohost.org Local HTTP DCV OK: www.trenten.heliohost.org (via trenten.heliohost.org) Local HTTP DCV OK: mail.trenten.heliohost.org (via trenten.heliohost.org) Local HTTP DCV OK: cpanel.trenten.heliohost.org (via trenten.heliohost.org) Local HTTP DCV OK: webdisk.trenten.heliohost.org (via trenten.heliohost.org) Local HTTP DCV OK: webmail.trenten.heliohost.org (via trenten.heliohost.org) 1:59:27 PM No local DNS DCV is necessary. 1:59:27 PM Processing “trenten”’s local DCV results … 1:59:27 PM Analyzing “trenten.heliohost.org”’s DCV results … 1:59:27 PM AutoSSL will request a new certificate. 1:59:27 PM The system will attempt to renew the SSL certificate for the website (trenten.heliohost.org: trenten.heliohost.org www.trenten.heliohost.org mail.trenten.heliohost.org webmail.trenten.heliohost.org cpanel.trenten.heliohost.org webdisk.trenten.heliohost.org). 1:59:30 PM The cPanel Store received “trenten.heliohost.org”’s certificate order. (Order Item ID: 1089874177) The system will periodically poll the cPanel Store for the issued certificate and then install it after a successful retrieval. The system has completed “trenten”’s AutoSSL check. Give it a few hours and it should work.
trenten Posted January 5, 2021 Author Posted January 5, 2021 It was refusing because the expired certificate was not from AutoSSL. AutoSSL automatically ignores any domain that has a certificate from an outside source. I deleted that expired cert and manually ran it for you: 1:58:45 PM AutoSSL’s configured provider is “cPanel (powered by Sectigo)”. This AutoSSL provider does not poll for certificate availability immediately after a certificate request submission. Instead, it submits certificate requests then periodically polls the cPanel Store for each requested certificate and installs it after a successful retrieval. The system will record all requests, retrievals, and installations for the current AutoSSL run in this log. Analyzing “trenten”’s domains … 1:58:45 PM Analyzing “chy.trenten.heliohost.org” … 1:58:45 PM SUCCESS TLS Status: OK Certificate expiry: 3/29/21, 12:00 AM UTC (82.21 days from now) 1:58:45 PM Analyzing “destiny.trenten.heliohost.org” … 1:58:45 PM SUCCESS TLS Status: OK Certificate expiry: 1/26/21, 12:00 AM UTC (20.21 days from now) 1:58:45 PM Analyzing “trenten.heliohost.org” … 1:58:45 PM ERROR TLS Status: Defective ERROR Defect: NO_SSL: No SSL certificate is installed. 1:58:45 PM Attempting to ensure the existence of necessary CAA records … 1:59:25 PM No CAA records were created. 1:59:25 PM Verifying “cPanel (powered by Sectigo)”’s authorization on domains via DNS CAA records … 1:59:27 PM “cPanel (powered by Sectigo)” is authorized to issue certificates for all domains. 1:59:27 PM Performing HTTP DCV (Domain Control Validation) on 6 domains … 1:59:27 PM Local HTTP DCV OK: trenten.heliohost.org Local HTTP DCV OK: www.trenten.heliohost.org (via trenten.heliohost.org) Local HTTP DCV OK: mail.trenten.heliohost.org (via trenten.heliohost.org) Local HTTP DCV OK: cpanel.trenten.heliohost.org (via trenten.heliohost.org) Local HTTP DCV OK: webdisk.trenten.heliohost.org (via trenten.heliohost.org) Local HTTP DCV OK: webmail.trenten.heliohost.org (via trenten.heliohost.org) 1:59:27 PM No local DNS DCV is necessary. 1:59:27 PM Processing “trenten”’s local DCV results … 1:59:27 PM Analyzing “trenten.heliohost.org”’s DCV results … 1:59:27 PM AutoSSL will request a new certificate. 1:59:27 PM The system will attempt to renew the SSL certificate for the website (trenten.heliohost.org: trenten.heliohost.org www.trenten.heliohost.org mail.trenten.heliohost.org webmail.trenten.heliohost.org cpanel.trenten.heliohost.org webdisk.trenten.heliohost.org). 1:59:30 PM The cPanel Store received “trenten.heliohost.org”’s certificate order. (Order Item ID: 1089874177) The system will periodically poll the cPanel Store for the issued certificate and then install it after a successful retrieval. The system has completed “trenten”’s AutoSSL check. Give it a few hours and it should work. Thanks! It appears everything is working now. Was all I had to do was confirm that deletion of the Certificate and run AutoSSL?
wolstech Posted January 5, 2021 Posted January 5, 2021 Pretty much. Once I removed the expired one it went out and got the new one when I ran it. It won't replace a third party certificate (even if it's expired or otherwise invalid), so it kept ignoring your main domain until I removed the expired cert. 1
Recommended Posts