Can't create certificate in cpanel - The client lacks sufficient authorization


#1

Hello,
I’m trying to create a ssl certificate via cpanel autossl. The certificate is created only for the subdomain:
webmail, cpanel. autodiscovery and webdisk. These i’ve created as a record in the dns. But i get error on the normal www. With the cpanel certificate i didn’t had any problems.

3:32:02 AM Analyzing “pfanninischoenmode.nl”’s DCV results …

3:32:02 AM local DCV has gained domains

No CAA record added because there is no CAA record from another provider in the DNS for pfanninischoenmode.nl.

3:32:09 AM “Let’s Encrypt™” HTTP DCV OK: webdisk.pfanninischoenmode.nl

“Let’s Encrypt™” HTTP DCV OK: autodiscover.pfanninischoenmode.nl

“Let’s Encrypt™” HTTP DCV OK: cpanel.pfanninischoenmode.nl

“Let’s Encrypt™” HTTP DCV OK: webmail.pfanninischoenmode.nl

3:32:19 AM WARN “Let’s Encrypt™” DCV error (www.pfanninischoenmode.nl): Invalid response from http://www.pfanninischoenmode.nl/.well-known/acme-challenge/htQLf7PSYNyb_5vSlyBz9IIqypEf_Zbj-yVxdz_RJ7I [2a01:7c8:aac3:320::1]: 400 (The client lacks sufficient authorization (urn:acme:error:unauthorized))

WARN “Let’s Encrypt™” DCV error (www.pfanninischoenmode.nl): DNS problem: NXDOMAIN looking up TXT for _acme-challenge.www.pfanninischoenmode.nl (urn:acme:error:dns)

WARN “Let’s Encrypt™” DCV error (pfanninischoenmode.nl): Invalid response from http://pfanninischoenmode.nl/.well-known/acme-challenge/g_Nhhbnyd_2mcGS7j2sOeS8MLYRUzR2-lr2ovVqPql0 [2a01:7c8:aac3:320::1]: 400 (The client lacks sufficient authorization (urn:acme:error:unauthorized))

WARN “Let’s Encrypt™” DCV error (pfanninischoenmode.nl): No TXT record found at _acme-challenge.pfanninischoenmode.nl (The client lacks sufficient authorization (urn:acme:error:unauthorized))

WARN “Let’s Encrypt™” DCV error (mail.pfanninischoenmode.nl): Invalid response from http://mail.pfanninischoenmode.nl/.well-known/acme-challenge/hw0QVkOAp70FUGAmwCL2UCBNZKWr9eWDsd0cBFBn43g [2a01:7c8:aac3:320::1]: 400 (The client lacks sufficient authorization (urn:acme:error:unauthorized))

WARN “Let’s Encrypt™” DCV error (mail.pfanninischoenmode.nl): DNS problem: NXDOMAIN looking up TXT for _acme-challenge.mail.pfanninischoenmode.nl (urn:acme:error:dns)

ERROR Impediment: NO_UNSECURED_DOMAIN_PASSED_DCV: Every unsecured domain failed DCV.

I’ve already tried to create a text file in the /.well-known/acme-challenge/ directory to see if i could get access but that was no problem.

Hope someone can help.


#2

What’s the text file?

For what it’s worth, http://pfanninischoenmode.nl/ seems to serve different websites on IPv4 and IPv6. Did you test IPv6?


#3

just a self created test.txt, hmm I don’t know much about IPv6 hoe can i set that t the same adres?


#4

I reported this bug many moons ago, and it was (allegedly) fixed.

What’s the version of this cPanel server?

whmapi1 version

The workaround (before the fix) was to withdraw your AAAA records (lol).

Edit: Upon re-reading, it seems like the actual issue is that the that virtual host is not assigned to that IPv6 address at all. For now, you can try removing your IPv6 addresses from that domain, and then re-adding them after you configure the virtual host properly: https://documentation.cpanel.net/display/74Docs/Assign+IPv6+Address


#5

Thank you so much! This thing with the ipv6 has solved it. WHM ipv6 was not turned on, but had a ipv6 adres in the dns so now that it’s enabled everything seems to be working! Could you share me a link where you could check that there was a different website on ipv6?