cPanel & WHM Version 98 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Best available SSL install triggered at account creation time (AutoSSL as well if enabled)

benny@cpanel.net shared this idea 4 years ago
Completed

As a cPanel account users, and as a server administrator, I would like a new SSL to automatically be requested and installed directly after account creation, rather than having to wait until the next cron'ed run of AutoSSL (if it is enabled).

Replies (5)

photo
2

This feature should land in version 62

photo
2

This is now in a public version of cPanel & WHM version 62, which is in our EDGE tier. AutoSSL is triggered when an account is created, rather than require that the user wait until the nightly maintenance.


99ca768ea531e33dedca00fa2138acc8

photo
1

How will this work? Since new accounts won't necessarily (and probably won't be) pointing to the server immediately after account set up? DCV won't be in place.

photo
1

If the domain doesn't resolve to the server it won't pass verification, that's correct. However, AutoSSL will continue to try at regular intervals until it is able to achieve the verification.

photo
1

Great ! What are these intervals, can we set them ?

photo
1

Looks like it just falls back to the daily cron if it fails during the account creation.


18100d8220e283a57d55182b7c1b2773

photo
1

Oh that's a shame, it would be nice if it checked every x hours during the next x days and even better if there was a way to configure the duration between each try and the total number of tries before going back to the daily verification.

photo
2

I second monarobase idea. You may have created an account for a domain that still dont resolve to your DNS, but it will, soon. And users are increasingly asking for SSL, so checking if it resolves every 2 hours would be a good catch. It shouldn't impact in server performance, right?


Obviously, if you implement this, check only those recently created domains where AutoSSL was unsuccessful. Also, I would advice that if a domain don't start resolving within the first 72 hs, then fallback to the current nightly checks.

photo
1

I like that idea, but unfortunately it's not likely to be included in this specific improvement to the feature. If you'd like, it's probably a good idea to get that submitted as its own request so we can track interest in that one.

photo
1

Ok Benny. Following your advice, I submitted it as a feature request extending this one. Once it's approved, it will be found as "Trigger AutoSSL for domains that still don't resolve"


Thanks!

photo
1

Yes yes yes ! And this should also include the creation of SSL at Addon domain and Sub Domain creation time.

photo
2

This is included in the v62 feature

photo
1

just hope it will not be set to be active as default unless cpanel want to run my business for me. these features are handy but should be 100% left to the server admins to activate them

photo
1

This will be included by default as part of AutoSSL, as I understand it.

photo
2

I'm not really sure that automating this is really the way to go. Making it easier for end-users to apply for and install free certificates in their cPanel - including a check to make sure that the domain name resolves to the server before even attempting to apply for a certificate - and educating the end-user on how to use this process would seem to be a better idea to me.


But I suppose there's nothing wrong with having an option to "automatically" attempt to install a certificate on account creation. I just don't think it's going to work very well and server administrators probably need to be aware of this. I think this option to automatically attempt SSL installs should be defaulted to disabled and server administrators should have to take explicit action to enable it.

Replies have been locked on this page!