Our features site is undergoing a refresh! Be sure to explore the revamped site and discover our latest product roadmap launching here on Monday, March 18th.
New Topic
cPanel & WHM Feature RequestsTopicSecurity
Properties
Category Security
Tags v62, autossl, account creation

Best available SSL install triggered at account creation time (AutoSSL as well if enabled)

benny@cpanel.net shared this idea 8 years ago
Completed

As a cPanel account users, and as a server administrator, I would like a new SSL to automatically be requested and installed directly after account creation, rather than having to wait until the next cron'ed run of AutoSSL (if it is enabled).

27 I like this idea 1  

Replies (5)

photo
2
benny@cpanel.net 8 years ago

This feature should land in version 62

photo
2
benny@cpanel.net 8 years ago

This is now in a public version of cPanel & WHM version 62, which is in our EDGE tier. AutoSSL is triggered when an account is created, rather than require that the user wait until the nightly maintenance.


99ca768ea531e33dedca00fa2138acc8

photo
1
sparek-3 8 years ago

How will this work? Since new accounts won't necessarily (and probably won't be) pointing to the server immediately after account set up? DCV won't be in place.

photo
1
benny@cpanel.net 8 years ago

If the domain doesn't resolve to the server it won't pass verification, that's correct. However, AutoSSL will continue to try at regular intervals until it is able to achieve the verification.

photo
1
Monarobase 8 years ago

Great ! What are these intervals, can we set them ?

photo
1
benny@cpanel.net 8 years ago

Looks like it just falls back to the daily cron if it fails during the account creation.


18100d8220e283a57d55182b7c1b2773

photo
1
Monarobase 8 years ago

Oh that's a shame, it would be nice if it checked every x hours during the next x days and even better if there was a way to configure the duration between each try and the total number of tries before going back to the daily verification.

photo
2
Marcelo Pedra 8 years ago

I second monarobase idea. You may have created an account for a domain that still dont resolve to your DNS, but it will, soon. And users are increasingly asking for SSL, so checking if it resolves every 2 hours would be a good catch. It shouldn't impact in server performance, right?


Obviously, if you implement this, check only those recently created domains where AutoSSL was unsuccessful. Also, I would advice that if a domain don't start resolving within the first 72 hs, then fallback to the current nightly checks.

photo
1
benny@cpanel.net 8 years ago

I like that idea, but unfortunately it's not likely to be included in this specific improvement to the feature. If you'd like, it's probably a good idea to get that submitted as its own request so we can track interest in that one.

photo
1
Marcelo Pedra 8 years ago

Ok Benny. Following your advice, I submitted it as a feature request extending this one. Once it's approved, it will be found as "Trigger AutoSSL for domains that still don't resolve"


Thanks!

photo
1
PH-Jay 8 years ago

Yes yes yes ! And this should also include the creation of SSL at Addon domain and Sub Domain creation time.

photo
2
cpanelnick 8 years ago

This is included in the v62 feature

photo
1
Terry Robertson 8 years ago

just hope it will not be set to be active as default unless cpanel want to run my business for me. these features are handy but should be 100% left to the server admins to activate them

photo
1
benny@cpanel.net 8 years ago

This will be included by default as part of AutoSSL, as I understand it.

photo
2
sparek-3 8 years ago

I'm not really sure that automating this is really the way to go. Making it easier for end-users to apply for and install free certificates in their cPanel - including a check to make sure that the domain name resolves to the server before even attempting to apply for a certificate - and educating the end-user on how to use this process would seem to be a better idea to me.


But I suppose there's nothing wrong with having an option to "automatically" attempt to install a certificate on account creation. I just don't think it's going to work very well and server administrators probably need to be aware of this. I think this option to automatically attempt SSL installs should be defaulted to disabled and server administrators should have to take explicit action to enable it.

Replies have been locked on this page!

cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.