Symptoms
When attempting to issue and install a new hostname SSL certificate we see our previous old hostname being rate-limited by Let's Encrypt which is preventing the issuance of a new SSL certificate.
Description
When attempting to issue and install a SSL certificate the server’s previous hostname can prevent the SSL certificate for the new hostname from being properly issued and installed. This occurs when the previous hostname has reached a rate-limit with Let’s Encrypt.
We've opened an internal case for our development team to investigate this further. For reference, the case number is CPANEL-47072. Follow this article to receive an email notification when a solution is published in the product.
Workaround
Rename the hostname history file and re-running the "checkallsslcerts" script, shown below:
-
mv /var/cpanel/hostname_history.json{,.bak} -
/usr/local/cpanel/bin/checkallsslcerts
