Self Signed SSL is creating for my hostname instead of auto SSL.

I have a valid A record pointing to my server, and I can access the panel with HTTP using the hostname, but when I click change hostname to create SSL for my hostname, it makes a self-signed SSL instead of auto SSL.

Here is the log file.
2025-05-31 08:05:29 server.domain.com Failed http validation for Hostname: server.domain.com
2025-05-31 08:05:29 server.domain.com Self-signed SSL installed for Hostname: server.domain.com
2025-05-31 08:05:29 server.domain.com Installing Hostname SSL for service cwpsrv: server.domain.com
2025-05-31 08:05:29 server.domain.com Installing Hostname SSL for service postfix: server.domain.com
2025-05-31 08:05:32 server.domain.com Installing Hostname SSL for service dovecot: server.domain.com
2025-05-31 08:05:33 server.domain.com Installing Hostname SSL for service pure-ftpd: server.domain.com
2025-05-31 08:05:34 server.domain.com Installing Hostname SSL for service nginx: server.domain.com

Masked the domain name for privacy in the logs. I can't find the Acme files in my site's directory. I guess that's the issue, but I don't know how to create it.

Do you have a http -> https redirect in place? LetsEncrypt needs standard HTTP on port 80 to validate your domain name.

Do you have a http -> https redirect in place? LetsEncrypt needs standard HTTP on port 80 to validate your domain name.

Where should I check it? I just installed cwp panel & right away went to create SSL, but it didn't work.

If it's a default, fresh config, I wouldn't imagine you have a blanket HTTPS redirect in place. But you can double check and look under WebServers Settings -> WebServers Main Conf -> make sure your default template isn't to force-https.

Start at the CSF firewall level and work your way inward; are you allowing HTTP port 80, in addition to the other common ports?
https://wiki.centos-webpanel.com/csflfd-firewall-configuration

It automatically fixed itself. Wondering what the reason could be. No server restarts or any other things have been done. Just left it as it is & came back after a few hrs and tried & it worked.

I have another query. I have Linux Cockpit running on port 9090. I also want to issue an SSL for that port in the hostname. What should I do?

I have another query. I have Linux Cockpit running on port 9090. I also want to issue an SSL for that port in the hostname. What should I do?

You need to configure the service used to listen the port 9090 to use the Let's Encrypt SSL. Check the docs of your application how to do this.

The certificates (keys/certificates) obtained by CWP from Let's Encrypt are located in the folders:

Code: [Select]

/etc/pki/tls/certs/
/etc/pki/tls/private/


So, there's only one SSL certificate for every port for a subdomain?