Free AutoSSL Certificates are one of the best things that cPanel introduced on their latest updates. AutoSSL allows any cPanel user to have their own free TLS / SSL certificate with just a couple of clicks. On this post we will explore solutions if you have AutoSSL issues and AutoSSL not working.
Why is AutoSSL not working on cPanel?
One of the most common issues for cPanel users while activating AutoSSL is to find that the AutoSSL is not working at all, even if cPanel said it was finished.
There may be a few reasons on why your AutoSSL is not working, let’s explore each one of them:
1) The domain failed domain control validation: The system queried for a temporary file at but the web server responded with the following error: 403 (Forbidden). A DNS or web server misconfiguration may exist. at bin/autossl_check.pl line 565.
This means AutoSSL verification script is not able to create a temporary file for the domain
To fix it, just try to assign 755 permissions and the correct owner to your public_html directory:
chmod 755 /home/user/public_html -v chown user.user /home/user/public_html/ -R
Make sure you change user.user with your real cPanel user for that website.
And also check your .htaccess in case you have allow/deny directives that may be preventing the cPanel AutoSSL verification script to access your website.
That will do the trick and allow cPanel to write the temporary file.
2) The domain “mail.yourdomain.com” failed domain control validation: “mail.yourdomain.com” does not resolve to any IPv4 addresses on the internet. at bin/autossl_check.pl line 565.
There is a missing record for your mail.domain.com DNS record, just add a record to fix it.
3) Your domain doesn’t not resolve properly to the server.
As suggested by @tekgurl_kayla, make sure the domain resolves to the server & check redirects, too. Make sure you’re aware of the limits as well.
4) The certificate is not available. (processing)
You noticed this is ‘processing’, and in some cases that can take minutes (normal) or even hours, in this cases AutoSSL process is stuck and it continues to be unable to retrieve a valid AutoSSL certificate.
cPanel & WHM’s AutoSSL/SSL ordering process works on this way: cPanel system will automatically stop attempting to retrieve a certificate after 1 day (86400 secs), so if it hasn’t been completely issued within 24 hours, then it will be removed from the autossl queue.
When you find AutoSSL is not working, the first thing to do is to check the autossl logs, as you see in this image below:
Log for the AutoSSL run for “nixcp”: Saturday, February 11, 2017 4:25:39 AM GMT-3 (cPanel (powered by Comodo))[/B][/SIZE] 10:20:32 PM This system has AutoSSL set to use “cPanel (powered by Comodo)”. 10:20:32 PM Checking websites for “nixcp” … 10:20:32 PM The website “nixcp.com”, owned by “nixcp”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it. 10:20:33 PM The system will attempt to renew SSL certificates for the following websites: 10:20:33 PM nixcp.com (nixcp.com nixcp.org. [URL='http://www.nixcp.com']www.nixcp.com[/URL] [URL='http://www.nixcp.org']www.nixcp.org[/URL]) 10:20:33 PM The system has completed the AutoSSL check for “cpaeltips.com”. 10:20:33 PM The system has finished checking 1 user.
The following script runs every 5 minutes, you can run it manually to see what’s going on and get your SSL processed:
After running this script, it will try to force a queue run for your pending autossl requests. The result may look similar to this:
[[email protected]:~]/usr/local/cpanel/bin/autossl_check_cpstore_queue Polling for “user1”’s new certificate for “yoursite.org” (order item ID “113902861”) … The certificate is available. The system will now attempt to install it. The certificate is now installed! Polling for “user2”’s new certificate for “yoursite2.com” (order item ID “113902877”) … The certificate is available. The system will now attempt to install it. The certificate is now installed! [[email protected]:~]
If you still have problems and your autossl not working after running that script, check out this post on cPanel forums, or contact your hosting provider for support.