SOLVED AutoSSL Errors DNS DCV

[MarcoConsulting]

Hello,
i have problem on autossl:

DNS DCV: The DNS query to “_cpanel-dcv-test-record.example.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=zjArUofGfUm_CL48mrPNlqKUox_jqKktDzHc81LJJIKy2lvGIWlav3DlW1E7Jg9V”.; HTTP DCV: The system queried for a temporary file at “http://example.com/.well-known/pki-validation/C717482B82DE99BB6AA6FF82541D80C6.txt”, but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.

my .htaccess is:

# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$

RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$

RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt$

RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt$

RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>


# END WordPress

What shoild i do?
thanks

 

[dalem]

make sure the file exists @ /home/username/public_html/.well-known/pki-validation/

and see if you can bring it up
http://example.com/.well-known/pki-validation/C717482B82DE99BB6AA6FF82541D80C6.txt

 

[MarcoConsulting]

The file doesn't exist, how can i generate it?
when i check the autossl, in the log this file change everytime the name

 

[cPanelMichael]

Hello @MarcoConsulting,

Can you verify the DNS for the domain name associated with the AutoSSL request is hosted on the cPanel & WHM server? Or, are you manually populating the DNS records for this domain at it's DNS host? Also, which cPanel & WHM version is installed on this server?

Thank you.

 

[MarcoConsulting]

I set the DNS from my dns provider,
but whm had set his dns zone, so they are not equal.
But autossl said something about file .txt that i haven't under pki-validation, attention the autossl check every time change the temporary file name.
WHM & Cpanel version = 78.0.11

 

[MarcoConsulting]

this is the autoconfig log:
[removed due to inclusion of real domain name and username]
7:55:20 PM ERROR Impediment: TOTAL_DCV_FAILURE: Every domain failed DCV.
7:55:20 PM The system has completed the AutoSSL check for “removed”.



which dns i have to edit?
the hosting dns or the dns zone cpanel or dns zone whm ?? and how?

 

[MarcoConsulting]

I created a test file under pki-validation and with curl i got it...
i have problem with autossl only with a few domain, the dns are pretty equal.
Can the staff tell mo how resolve? or how to setup correctly the DNS DCV ???

 

[cPanelMichael]

Hello @MarcoConsulting,

The DNS-based domain control validation is not supported if the DNS for the domain is hosted on a remote server. The entries you had to the local DNS zone will have no effect on the validation process if the DNS is hosted elsewhere. That said, the HTTP-based validation should still be able to succeed. Can you open a support ticket so we can take a closer look at the affected system? You can post the ticket number here and I'll link this thread to it.

Thank you.

 

[MarcoConsulting]

ticket id : 11531223

 

[MarcoConsulting]

Who create the txt file under kpi-validation???
how can i regenerate this file?

 

[MarcoConsulting]

Resolved.
The problem was the IPV6 shared disabled for all my hosting.
Thanks

 

[cPanelMichael]

Hello @MarcoConsulting,

I'm glad to see the issue was solved. Here's part of the response in the ticket that explained the cause of the problem:

In AutoSSL, IPv6 checks take precedent and because these records do not resolve, the SSL checks fail. To address this, the IPv6 records should either be removed or updated to an address that is bound and resolves to the server.

Thank you.

 

[Lewis_008]

Hi , We have the same problem with 2 sites. Can you let me know how to do it???

 

[chidi]

Resolved.
The problem was the IPV6 shared disabled for all my hosting.
Thanks

pls @MarcoConsulting can you explain more how "IPV6 shared disabled" helped you solved that issue. I have similar problem pls.