Hello, I have been having this problem for a few months now

The following cPanel service generated warnings from the checkallsslcerts script.

:warning: cpanel
The system failed to acquire a signed certificate from the cPanel Store because of the following error: The system failed to acquire a signed certificate from the cPanel Store. ({"domain_details":null,"status":"revoked","status_details":null,"status_message":"Stale CSR"})
This notice is the result of a request from “/usr/local/cpanel/bin/checkallsslcerts”.

The system generated this notice on martes, 27 de septiembre de 2022 at 3:37:03 (UTC).

“cPanel service SSL certificate warnings” notifications are currently configured to have an importance of “Medio”. You can change the importance or disable this type of notification in WHM’s Contact Manager at: https://server.empresarialhost.com:2087/scripts2/editcontact?event=SSL::CheckAllCertsWarnings

Hello @mkaioh2

I am sorry no one has replied yet but this does not look like a problem related to Let's Encrypt. You should ask whoever provides your hosting and/or cPanel service about that error.

4 Likes

It is my own server, I am my own cpanel, I already talked to ovh and they told me that it was not ovh's problem, it is the problem of who gives me the ssl... in this case letscryp then exactly how is it solved?

Is your domain name server.empresarialhost.com ?

If so, your most recent cert was from cPanel Store. You would have to talk with them about what happened. (see cert history here) It still looks like a cPanel configuration problem to me.

At one time this domain used a Let's Encrypt cert but it looks like it was replaced with the cPanel cert. If I misunderstand your system, please answer the questions from the form you were shown as best you can.

==========================

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

4 Likes

I would also try to find out why your cPanel is using a "Stale CSR"

3 Likes

My domain is:
empresarialhost.com or server.empresarialhost.com

I ran this command:
/usr/local/cpanel/scripts/install_lets_encrypt_autossl_provider

My web server is (include version):
cPanel Version
106.0.9

The operating system my web server runs on is (include version):
Linux

my server empresarialhost.com

I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name
Yeah, WHM

provide the name control panel):
cPanel Version
106.0.9

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
im not using certbot

Thanks for that. I see you got a wildcard cert from Let's Encrypt on Sep6. And, that is the one your server is currently using.

There was a change for Let's Encrypt on Sept15. Maybe your "Stale CSR" message is related to this

Is you AutoSSL still configured to use Let's Encrypt though? Because the error message sounds like the problem is with the cPanel Store. You got some certs for certain domain names from that recently too
https://crt.sh/?q=empresarialhost.com&deduplicate=Y

3 Likes

I don't think so because I have had this problem for more than 4 months approximately.


I received this email, maybe there is some more information here.

That email tells me that you're not using Let's Encrypt's services.

If that's your intention, you should find out how to tell cPanel to do so (I have no idea).

2 Likes

yes, I have letsencrypt as my primary.


I reinstalled the certificate only in that domain server.empresarialhost.com but I get this orange legend.

thank you very much, you were very right, I was using a cpanel certificate, all my clients had letsencrypt, except mine. I changed the certificate from cpanel to letsencrypt, thank you very much! =D

2 Likes

how i can delete this post?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.