Troubleshoot and Fix cPanel AutoSSL Issues

As you may already know, Web Hosting Canada offers free SSL certificates on most of the provided Canadian hosting solutions. The provided SSL Security powered by AutoSSL, a cPanel feature which automatically installs domain-validated (DV) SSL certificates. Running the AutoSSL will replace any expiring or invalid certificates. 

You should not follow this guide if you are using any premium SSL certificate

SSL errors can be really tricky but simple to fix if you know what each error refers to. In order to easily fix these errors, please follow below steps. 

WHM Users

  1. Login to the WHM of the server in question and follow this path: Home > SSL/TLS > Manage AutoSSL

    Troubleshoot AutoSSL issues

    cPanel > SECURITY > SSL/TLS will allow you to run the SSL on a specific domain but the WHM interface will run it on the whole account.

  2. Under "Manage Users" search the username of the cPanel account you're trying to run the SSL on.  

    Troubleshoot AutoSSL issue
  3. Once you see the account, click on "check «USERNAME»" 

  4. To visualize the errors causing the SSL to be blocked. Click on logs > Refresh > Select the log to view and click "View Log". 

cPanel Users

  1. From cPanel> SECURITY> SSL/TLS status, select the domain or domains you need to install SSL on   

  2. Click on Run  AutoSSL  

Most Common AutoSSL Errors and the Appropriate Fix 

Local HTTP DCV error (domain.com): The system queried for a temporary file at “...”, but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.

You will get this error mostly on a subdomain or addon domain that has just been added. Make sure it's added correctly and assigned to a root folder. You might need to wait for the propagation if nameservers have just been changed. Try selecting the account and re-running SSL. 

Local HTTP DCV error (domainname.com): “domainname.com” does not resolve to any IP addresses on the internet. 

This error means that the Nameservers are not set correctly or that there's no "A" record for that domain name. Please check the Nameservers and the DNS zone. 

Local DNS DCV error (domainname.com): The DNS query to “...” for the DCV challenge returned no “TXT” record that matches the value “...”.

This error means that the Nameservers are not set correctly or that the nameservers nor the IP address are pointing to us. 

Local HTTP DCV error (domainname.com): “cPanel (powered by Sectigo)” forbids DCV HTTP redirections.

This error means that the domain name is redirecting to another domain. This redirection must be revoked before running SSL again.

Local HTTP DCV error (domainname.com): The system queried for a temporary file at “...”, but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist. The domain “domainname.com” resolved to an IP address “...” that does not exist on this server.

Local HTTP DCV error (domainname.com): The system failed to fetch the DCV (Domain Control Validation) file at “...” because of an error: The system failed to send an HTTP (Hypertext Transfer Protocol) “GET” request to “...” because of an error: Timed out while waiting for socket to become ready for reading. The domain “domainname.com” resolved to an IP address “...” that does not exist on this server."

Local HTTP DCV error (domain.com): The content “...” of the DCV (Domain Control Validation) file, as accessed at “...”, did not match the expected value. The domain “...” resolved to an IP address “...” that does not exist on this server."

These errors mean that the domain is not pointing to our IP address therefore, it is not permitted to use our free AutoSSL (even if it's using WHC's nameservers). 

Suggested Read: How to Force the Use of SSL on Your Domain.

Was this answer helpful? Yes No