I have used terminal in my cPanel to install (and auto-renew) ZeroSSL (Let's Encrypt) certificates for many domains. Today, when I tried to do the same, it gave me an error and continues to do so for any domain that I try to install through this method.
Below are the errors I'm receiving. Have I run into some sort of certificate automation limit? Maybe something changed on my server (last time this worked was yesterday!). Domain has been changed to "mydomain.com" for illustration purposes.
CODE + ERROR:
[mydomain@server1 ~]$ acme.sh --deploy --deploy-hook cpanel_uapi --domain mydomain.com --domain www.mydomain.com
[Mon Apr 10 14:04:55 GMT 2023] The domain 'mydomain.com' seems to have a ECC cert already, lets use ecc cert.
[Mon Apr 10 14:04:55 GMT 2023] Applying sitelist filter DEPLOY_CPANEL_AUTO_INCLUDE: *
[Mon Apr 10 14:04:55 GMT 2023] Applying sitelist filter DEPLOY_CPANEL_AUTO_EXCLUDE:
[Mon Apr 10 14:04:55 GMT 2023] Error in deploying certificate to mydomain.com:
[Mon Apr 10 14:04:55 GMT 2023] ---
apiversion: 3
func: install_ssl
module: SSL
result:
data: ~
errors:
- "The system could not parse the certificate because of an error: The certificate text wasnot valid."
- "need “key_algorithm”! at /usr/local/cpanel/Cpanel/Crypt/Algorithm.pm line 96. "
messages: ~
metadata: {}
status: 0
warnings: ~
[Mon Apr 10 14:04:55 GMT 2023] Could not deploy to any of 1 sites via UAPI
[Mon Apr 10 14:04:55 GMT 2023] Error deploy for domain:mydomain.com
[Mon Apr 10 14:04:55 GMT 2023] Deploy error.
I'm assuming it is something simple I'm overlooking. FYI: All commands before this step resolve successfully as before. Any help would be greatly appreciated!
I used the following commands step by step to install SSL:
curl https://get.acme.sh | sh
source ~/.bashrc
acme.sh --register-account --accountemail myemail@myemail.com
acme.sh --issue --webroot ~/public_html -d mydomain.com -d www.mydomain.com --staging
acme.sh --issue --webroot ~/public_html -d mydomain.com -d www.mydomain.com --force
acme.sh --deploy --deploy-hook cpanel_uapi --domain mydomain.com --domain www.mydomain.com
myemail@myemail.com is a replacement for my ZeroSSL account. This has worked on dozens of domain SSL installs (as late as yesterday it worked). Something changed for this morning for this error to happen on all new domains.
