I am facing multiple problem with CWP and SSL

So, I am using CWP to test how it performs but I ran into several issues that I need help with.

So I installed CentOS 8 on a server and installed CWP using the installation instruction provided in the documents. I changed the webserver to NGINX+Varnish+Apache. I also changed my PHP version to 8.1.15. I created a cwp user added mydomain.com there. then I created a subdomain in the usercp called it panel.mydomain.com so that the DNS is setup properly. I also ensured that both the domain and subdomain are pointing to the server by using dnschecker.org

1. Whenever I reboot the server, The hostname changes back to default
2. When I generate an SSL under CWP>Change Hostname. It generates a self-signed certificate. and this is what I see in /var/log/cwp/autossl.log

2023-12-18 08:12:08 panel.mydomain.com Failed http validation for Hostname: panel.mydomain.com
2023-12-18 08:12:08 panel.mydomain.com Self-signed SSL installed for Hostname: panel.mydomain.com

3. from usercp when I try to generate an SSL for mydomain.com from Domain>AutoSSL this is the error I face

DNS of your domain doesn't point to this server or you have htaccess restrictions

How do I solve all these SSL issues? I've looked into the DNS editor and also tested that the domains are pointed to the server using nslookup both from the inside the server as well as other computers. I am truly baffled and out of ideas on what could be causing this.

If you have https only set, Domain validation will fail because of the 403 redirect.

if you mean opened ports. Then I have both 80 and 443 open. I don't see any option for https only however...

I mean if you have apache or nginx set to "force https", the all port 80 requests will be redirected to ssl.  This breaks letsencrypt for some reason.

will that be in the vhost configs? Or will it be in any GUI option? I looked through all the config files, nothing is forcing https from what I see. however, the proxy pass location is using the https protocol for reversing port 2083 and 2031

I am using Nginx+Varnish+Apache webserver configuration btw.

if this line is there, it's redirecting.

return 301 https://$server_name$request_uri;

yup none of the conf contains those. I also didn't enable anything related to https forcing. so unless those rediects comes default with cwp confs it's unlikely there.

I can dm you the access to the server to check if you want. i don't mind since this is a demo server.

You can check the log file /root/.acme.sh/acme.sh.log to see what is going on.

sudo tail /root/.acme.sh/acme.sh.log
tail: cannot open '/root/.acme.sh/acme.sh.log' for reading: No such file or directory

is  /.well-known/acme-challenge/   and /.well-known/pki-validation   present the the panel. vhost file?

yes with a alias of "/usr/local/apache/autossl_tmp/.well-known/acme-challenge"

Please visit https://letsdebug.net/  and post the results

server.domain.com is my hostname and I have port 80 open just to confirm.

Without the actual domain name, it's kind of hard to actually help you.