The AutoSSL certificate renewal may cause a reduction of coverage


#1

Hello!

I am the new web developer for williamscreekmgt.com.

The old developer is no longer in the picture so we decided to change the website hosting to godaddy instead of having him host the site.

One of the corporate admins is receiving the following email below.

What is the best way to remedy this situation? I’m assuming it’s tied to some sort of plugin that was used prior to me rebuilding the site on the new godaddy hosting account. In addition, I do not have the old hosting account cpanel credentials…

Please advise at your earliest convenience. Thank you so much!


From: cPanel on williamscreekmgt.com [mailto:cpanel@williamscreekmgt.com]
Sent: Tuesday, April 03, 2018 11:18 PM
To: Laurie Turk lturk@williamscreekmgt.net
Subject: [williamscreekmgt.com] :warning: williamscreekmgt.com: The AutoSSL certificate renewal may cause a reduction of coverage on 2018-06-18 at 02:19:21 UTC

williamscreekmgt.com: The AutoSSL certificate renewal may cause a reduction of coverage starting 2018-06-15 at 02:19:21 UTC

The “LetsEncrypt” AutoSSL provider could not renew the SSL certificate without a reduction of coverage because of the following problems:

:no_entry: williamscreekmgt.com [ Last AutoSSL Run at “2018-04-04 at 03:17:46 UTC” ]

The system failed to fetch the DCV (Domain Control Validation) file at “http://williamscreekmgt.com/.well-known/acme-challenge/JRE1L44RK_WUT5ISLRYXVMOKAGJB_0Z_” because of an error: The system failed to send an HTTP (Hypertext Transfer Protocol) “GET” request to “http://williamscreekmgt.com/.well-known/acme-challenge/JRE1L44RK_WUT5ISLRYXVMOKAGJB_0Z_” because of an error: Size of response body exceeds the maximum allowed of 16384
. The domain “williamscreekmgt.com” resolved to an IP address “107.180.12.150” that does not exist on this server.
For the most current status, navigate to the “SSL/TLS Status” interface. You can also exclude domains from future renewal attempts, which would cease future notifications.

You can fix these problems within 3 days of the certificate expiry date (2018-06-18 at 02:19:21 UTC) or take other actions. If you do not, this certificate will automatically renew without this domain.

The next time that the “LetsEncrypt” AutoSSL provider attempts to renew the SSL certificate, the system will attempt to add the following domain to that certificate:

mail.williamscreekmgt.net
The certificate that is installed on this website contains the following properties:

Expiration:

2018-06-18 at 02:19:21 UTC

Domain Names:

mail.williamscreekmgt.com

williamscreekmgt.com

williamscreekmgt.net

www.williamscreekmgt.com

www.williamscreekmgt.net

Subject:

commonName

williamscreekmgt.com

Issuer:

countryName

US

organizationName

Let’s Encrypt

commonName

Let’s Encrypt Authority X3

To upgrade to an EV or OV certificate, navigate to the “SSL/TLS Wizard” interface.

The system generated this notice on 2018-04-04 at 03:17:47 UTC.

You can disable the “AutoSSL::CertificateRenewalCoverage” type of notification through the cPanel interface: https://williamscreekmgt.com:2083/?goto_app=ContactInfo_Change

Do not reply to this automated message.

cP

Copyright© 2018 cPanel, Inc.


#2

Hi @afgindy,

You can rebuild the site and reissue a completely new certificate on the new server using whatever tools you want. The old hosting will potentially continue to complain and warn you about this, but it’s expected that an old server can’t successfully renew a certificate if it’s no longer hosting your active site. This doesn’t prevent you from obtaining a certificate and setting up HTTPS on the new site, assuming that all of the DNS records are correctly pointed at the new site’s server.

You might also want to find a way to contact the hosting provider that hosted the old site and ask them to shut it off, since I presume you can’t do this yourself without those credentials.


#3

THIS IS JUST A CPANEL VERSION OF @schoen’s reply

Hi,

This message is useless if you moved from the previous server to new server since it’s sent from the cPanel autossl plugin. The meaning of the message is just a reminder that the old server can’t issue new certificates for this domain. (either a free 3 month positive ssl or Let’s Encrypt)

I see that your domains are now using GoDaddy’s certificate, so there will be no issue.

P.S. If you can log in to cPanel of the previous server, you can go to that server and disable autossl messages.
or contact the developer to remove your domain/account from that server.(Luckily that message should be sent only once.)

Thank you


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.