AutoSSL cannot request a certificate because all the domains have failed DCV Print

  • 1

Are you receiving emails from cPanel about failed Auto SSL renewal? i.e The AutoSSL certificate renewal may cause a reduction of coverage…, AutoSSL cannot request a certificate because all the domains have failed DCV?

Worry not for you are not alone

In cPanel version 68 a new feature was added to send email notifications to end users when an AutoSSL certificate renewal processed:

This new feature means that cPanel users are starting to receive emails such as the following:

DNS DCV: The DNS query to “_cpanel-dcv-test-record.ohost.co.za” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=xxxxxxx”.; HTTP DCV: The system failed to fetch the DCV (Domain Control Validation) file at “http://ohost.co.za/.well-known/pki-validation/xxxxxxx.txt” because of an error (cached): Could not connect to 'xxxxxxx:80': Network is unreachable.

These are usually due to AutoSSL (the cPanel feature that automatically installs free Comodo or LetsEncrypt SSL certificates on domains) attempting to install certificates on cPanel related sub-domains (webdisk.domain.com or cpanel.domain.com) or on domains that don’t resolve directly to the server. An example of the latter would be when the domain is running via Cloudflare or another CDN.

If your domains resolve directly to the server then there is nothing to worry about, your SSL certificates will be automatically renewed as normal!

These emails can be confusing and worrisome, but worry not, there should be a link at the end of the email where you may safely turn these notifications off if you not you may safely ignore these for now until cPanel gives a way to turn the notifications off.


Was this answer helpful?

« Back