The domain does not exist on this server message

[DigitalEssence]

Hi,

I have two servers with domains spread between them both and am getting a lot of errors in AutoSSL when it runs but the domain is on the other server. The emails are also being sent to customers which is causing me a fair few phone calls.

WARN Local DCV error (curriesroofingspecialists.co.uk): The system queried for a temporary file at “http://example.com/.well-known/pki-validation/758B3933C841BA1EFD84465C697D0ACF.txt”, but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist. The domain “example.com” resolved to an IP address “1.2.3.4” that does not exist on this server.

I understand why I'm getting the error but not how to stop this when the domain isn't on this server. How do I ensure that AutoSSL only runs for domains on the current server?

I have searched these forums and read the tutorial but couldn't see any answers that were relevant to my issue.

Thanks

 

[cPanelLauren]

HI @DigitalEssence

For domains that don't resolve to the server, because AutoSSL doesn't have a way to know if they resolve or not when an AutoSSL run for the account is started it would be best to exclude domains through cPanel>>Security>>SSL/TLS Status.

Alternatively, you can also disable the notification that is sent for this specific issue though they wouldn't get them in the instance there's actually an error as well.

 

[DigitalEssence]

HI @DigitalEssence

For domains that don't resolve to the server, because AutoSSL doesn't have a way to know if they resolve or not when an AutoSSL run for the account is started it would be best to exclude domains through cPanel>>Security>>SSL/TLS Status.

Alternatively, you can also disable the notification that is sent for this specific issue though they wouldn't get them in the instance there's actually an error as well.

Hi,

I have disabled AutoSSL for all of the users who aren't on this server by ticking:

"Disable AutoSSLOverride the feature list setting and force AutoSSL to be disabled."

But they are still getting messages advising that the certificates have expired:

domainname.com SSL certificate expiry date UTC

domainname.com: The SSL certificate expires on Jul 27, 2017 at 12:00:00 AM UTC. At the time of this notice, the certificate expired “296 days, 1 hour, 31 minutes, and 5 seconds” ago.

The SSL certificate for “domainname.com” has not been renewed. You must take action to secure this site.
To upgrade to an EV or OV certificate, navigate to the “SSL/TLS Wizard” interface.
The following domain names lost SSL coverage when the certificate expired:

 

[cPanelLauren]

Hi @DigitalEssence

That specific notification will go out for any SSL (provided by AutoSSL or not) reaching expiry. You can disable this in WHM>>Server Configuration>>Tweak Settings -> Notifications -> Send notifications when certificates approach expiry. (if enabled and an AutoSSL certificate fails to renew it will send a notification in that instance as well.)

Thanks!