AutoSSL unable to confirm

The AutoSSL on my primary account/domain using Friday server is unable to confirm that the certificate is valid, but I verified with my domain host, then added the TXT (as indicated in the AutoSSL Certificate Status notification) and yet it still cannot validate. Am I missing a step, or can you direct me to instructions so that I can re-review?

Here is some of the message: The web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.

I read the other thread but that didn’t seem to be the same issue: CPanel >Custom SSL > AutoSS is in progress

Thanks for the help.

I went through all of your domains and I didn’t find one that had the mail or webmail subdomains pointing to the server that your account is on. You should create CNAME records for mail and webmail subdomains that point to friday.mxlogin.com (for anyone else reading this, that value is specific to this customer) and wait about 2-4 hours before kicking off an AutoSSL run.

Thanks, Alento. Thanks, Jarland. I added a CNAME record for both mail & webmail subdomains pointing to friday.mxlogin.com on the primary domain (since that is which domain marks an error) but Cpanel AutoSSL still throws an error. I can DM you the screenshot if it helps.

I went through each domain again @mangoman and I’m still not seeing any of them visible. Make sure to confirm the CNAME with something like whatsmydns.net. Until you get it to return the correct value, you can be sure that they won’t work (and may not work until 1-4 hours after you get that site to see the record properly). Expect a few of the tests from that site to always fail. Here’s what a success looks like there:

Screen Shot 2020-04-09 at 12.21.42 PM

@mangoman Will you post a screen cap please? If you’d prefer you can send it in PM, but do note that I am not MXroute staff.

I created the CNAME and TXT records per the setup indicated in the original email *on Cloudflare (as Proxied) and have now (today) added the mail & webmail subdomains to MXroute - but can either of you confirm that this is correct? For example, I receive the MXroute cPanel AutoSSL message = The domain “mail.bienservido.com” resolved to an IP address “104.31.87.159” that does not exist on this server. ~ However, the webmail.bienservido.com IS validated as SSL on MXroute. That IP is the hosting server; the other IPs are also pointing at my hosting server. I’ve added mail & webmail subdomains also to Cloudflare as well as to the MXroute cPanel. Is there some other step that I need to enable. (I will be re-checking the SSL certificates here at MXroute in a few hours.) Thanks.

@flips Thanks, Phil. I revised that setting after (again) getting no validation on whatsmydns.net - and it then resolved OK. I’ll run AutoSSL again in a few hours to see if this is finally resolved.

The mail & webmail domains are resolving to AutoSSL now, but when I created them cPanel automatically created additional subdomains such as www.mail.domain.com - should those simply be excluded when I Run AutoSSL, or are they unnecessary and can they be deleted in some way? I find that there are other system-created subdomains for each domain such as 9ygabdfty32xyz5.domain.com - can/should those also be excluded and/or removed?

Thanks, all. Everything is good now and this thread can be closed.

I’m pretty sure you should not proxy these, they should not be orange … (Others will correct me if I’m wrong.) :slight_smile:
Maybe it’ll work for webmail if CF fix SSL, but MX records and mail CNAME shouldn’t be proxied, I think.

You can exclude every entry from AutoSSL except the webmail and mail certs you want. I don’t think you can remove any of the superflous subdomains, as they are required by cPanel. (The weird names are part of a way Jarland automated it to make it quicker, I think.) :slight_smile: