SSL Is Not Generating

Table of Contents
    square-for-kb1
    SSL-not-generating

    If you’re having issues with your SSL certificate not generating, there could be several reasons why this might be happening. Here are some potential causes and solutions:

    1. A Records Not Pointing to Staq Servers

    Your A records need to point to Staq servers for LetsEncrypt, our SSL provider, to verify domain ownership. If they are not correctly pointed, LetsEncrypt won’t be able to establish a connection to Staq and your SSL certificate will not generate.

    Solution:

    Check your DNS settings and ensure your A records are correctly pointing to Staq servers by ensuring you’ve followed this knowledge base article.

    2. Mismatched A Records

    If you have one A record pointing to Staq but the other is pointing somewhere else, this can also prevent SSL generation. LetsEncrypt needs to verify both www and non-www records.

    Solution:

    Make sure both your www and non-www A records are pointing to Staq servers by ensuring your domains A records are connected.

    3. Domain Deletion During SSL Generation

    If you delete a domain in the Staq Panel while LetsEncrypt is trying to generate two SSL certificates, it might only see one and fail to generate the certificates.

    Solution:

    Add back the original domain. If you need to delete a domain, wait until after the SSL generation process is complete.

    4. Reverse Proxy Issue

    If your domain points to a reverse proxy, it’s crucial to ensure the reverse proxy points to the correct IP address. This is often an issue when using Cloudflare and its proxy/alias feature.

    Solution:

    If you’re using Cloudflare as the DNS service, in order for the SSL certificate to generate or renew, you’ll have to ensure that your records i.e. the non-www and www records have the proxy status disabled:

    5. Domain Name Has Expired

    To confirm, go to the Domains section inside the site’s Staq Panel (Staq dashboard). Is there a warning symbol with the message, “IP couldn’t be resolved”. To further investigate, go to a whois domain search such as:

    • Australia: https://whois.auda.org.au/
    • USA and other countries: https://whois.godaddy.com/

    and search for the domain.

    Under Domain Status, if it says Expired, then, you’ll have to renew the domain name for the site and DNS to work again.

    Generating SSL

    After rectifying these issues, navigate to the SSL section in the Staq Panel and click “Generate SSL Certificate”:

    6. Validation issues – install your own custom SSL

    We recommend using ZeroSSL. Generate your own SSL and apply your custom SSL. This is how to upload your custom SSL certificate.

    If you’re still having problems, please contact our support team for further assistance.

    Try Staq
    Everything WordPress in one place. Simplify WordPress, streamline your flow
    square-for-kb3