An error occurred the last time AutoSSL ran, on May 17, 2019:


My domain is:https://[redacted].com

I bought the name on 17th I believe and put it on a hosting plan.

From cPanel, added a certificate from the Let’s Encrypt SSL plugin with http-01 validation.

Shortly after, I checked the SSL/TLS Status plugin.

I found these errors:

[redacted image]

I’m not using CloudFlare or any other CDN.

Wondering what could be the reason?

Hi @georgik

checked your domain ([redacted].com ):

You have the following ip address:

Host T IP-Address is auth. ∑ Queries ∑ Timeout
[redacted].com A yes 2 0
AAAA yes
www.[redacted].com C [redacted].com yes 1 0
A yes

That's not one of the ip addresses your cPanel sees.

And this

Domain	Nameserver	NS-IP
	•	•

	•	•

are your nameservers.

Looks like the cPanel you use has nothing to do with your real domain. So validation via cPanel may not work.

But there is a new Letsencrypt certificate

expires in 85 days	
www.[redacted].com - 3 entries

And your configuration is ok (not good, but not critical).

Last - there is only one certificate, that's good.

CertSpotter-Id Issuer not before not after Domain names LE-Duplicate next LE
917026442 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-05-17 13:54:47 2019-08-15 13:54:47 [redacted].com, mail.[redacted].com, www.[redacted].com
3 entries duplicate nr. 1

So that cPanel you use is ignored.

Can you tell me what does that mean?

The non-www and the www are not properly configured as I can see them both showing up on the Host tab, should be only one version active?

I have no idea why cPanel sees different ip addresses.

And you have a working, 5 days old certificate. How did you create that certificate?

Perhaps your hoster has an integrated solution.

Yes, the Let’s Encrypt SSL plugin is avalaible on my cPanel hosting provider.

What do you mean by the fact that my configuration is not good, but not critical? What would be the proper way to set it?

Check the output of[redacted].com

There is a Grade H - no redirect to https, a Grade D - wrong redirect http -> http.

And an old connection with SHA1, perhaps with Cipher Suites with SHA1.

Okay, so one of the things I need to set is the redirect to https?

So I guess that will fix both Grade H & Grade D?

Okay, so I did additional digging and found another thread here with the same issue.

I’m going to try this bit of code in the .htaccess file

RewriteRule ^.well-known/ - [L,NC]
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://[redacted].com/$1 [R,L]

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.