DNS DCV failure - Received email notification (pasted into response)

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: stellium.ca

I ran this command: N/A

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Uniserve

I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

|stellium.ca: AutoSSL would normally renew this certificate now, but 2 of the website’s secured domains just failed DCV. To provide you with more time to resolve these problems, AutoSSL will defer the renewal until Feb 1, 2020 at 12:00:00 AM UTC. After that time, AutoSSL will request a replacement certificate that excludes any domains that fail DCV. At the time of this notice, the certificate will expire in 7 days, 15 hours, 12 minutes, and 57 seconds.|
|AutoSSL did not renew the certificate for “stellium.ca”. You must take action to keep this site secure.

The “LetsEncrypt” AutoSSL provider could not renew the SSL certificate without a reduction of coverage because of the following problems:

:no_entry: webdisk.stellium.ca (checked on Jan 27, 2020 at 8:46:18 AM UTC)

DNS DCV: The DNS query to “_cpanel-dcv-test-record.stellium.ca” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=jxxNWjlNueYDTIrGN7RlAhrRqIrpgEAbRo3x2zZsTDsAiFkW2p_byeAZsU4UvnMB”.; HTTP DCV: “webdisk.stellium.ca” does not resolve to any IP addresses on the internet.

:no_entry: cpanel.stellium.ca (checked on Jan 27, 2020 at 8:46:18 AM UTC)

DNS DCV: The DNS query to “_cpanel-dcv-test-record.stellium.ca” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=jxxNWjlNueYDTIrGN7RlAhrRqIrpgEAbRo3x2zZsTDsAiFkW2p_byeAZsU4UvnMB”.; HTTP DCV: “cpanel.stellium.ca” does not resolve to any IP addresses on the internet.

For the most current status, navigate to the “SSL/TLS Status” interface. You can also exclude domains from future renewal attempts, which would cease future notifications.

The certificate that is installed on this website contains the following properties:

Expiration: Tuesday, February 4, 2020 at 12:00:00 AM UTC
Domain Names: stellium.ca
cpanel.stellium.ca
mail.stellium.ca
webdisk.stellium.ca
webmail.stellium.ca
www.stellium.ca
Subject: commonName stellium.ca
Issuer: countryName US


stateOrProvinceName TX
localityName Houston
organizationName cPanel, Inc.
commonName cPanel, Inc. Certification Authority

To upgrade to an EV or OV certificate, navigate to the “SSL/TLS Wizard” interface.
The system generated this notice on Monday, January 27, 2020 at 8:47:02 AM UTC.

You can disable the “AutoSSL has deferred normal certificate renewal because a domain on the current certificate has failed DCV (Domain Control Validation).” type of notification through the cPanel interface: https://stellium.ca:2083/?goto_app=ContactInfo_Change

Do not reply to this automated message.|

Ok, I am a website owner kinda by accident. I traded some construction work for a website and have been happily tooling along since 2006. My site serves mainly as a placemarker for my contracting business and does not have e-commerce or other interactive features. I shows phtos of my work and some descriptions of my approach. Pretty simple, yet soooo complicated for the profane.

Recently, I have been receiving notifications every three hours that my SSL certificate could not be renewed because of DCV errors cited above. I have never used cpanel in my life so the learning curve to resolve this is really steep for me.

I expect that changing values for the webdisk.stellium.ca and cpanel.stellium.ca could be corrected and this would allow auto SSL to renew on my site. Ok, be gentle with me, I am a newbie and a novice. I would appreciate any help/assistance/coaching that anyone can provide.

Thanking you in advance for your kind consideration.

Stellium

Hi,

This is an email sent from your cPanel hosting provider (your hosting provider who uses cPanel) and trying to get a certificate include your cpanel and webdisk domain. It issues a certificate with cPanel CA, not let’s encrypt.

However, there are two possible solutions:

  1. Point your cpanel.stellium.ca / webdisk.stellium.ca domain to the IP.
  2. Ignore the email, your main domain will still be covered.

For more information, contact your hosting provider.

Thank you

1 Like

Steven,

  Thanks for the response. I did phone my hosting provider. It

seems they are updating name servers and as such the information
is somehow not getting to the correct place. They told me they are
working on it. I apologize for cluttering up your help forum.

  I have now gotten access to cpanel and should be able to

configure when needed.

Stellium

2 Likes