What each row means
The icon on the left is a quick read of the cert state:| Icon | Meaning |
|---|---|
| Green padlock | A trusted cert is installed and covers this domain. Will renew via AutoSSL. |
| Green padlock + dot | Cert installed and AutoSSL is the renewal source. |
| Red 🚫 | No cert covers this domain, or the installed cert doesn’t include it. |
- AutoSSL Domain Validated. Free Let’s Encrypt cert issued and managed by cPanel/Noxity. Renews on its own roughly 30 days before expiry.
- Unknown Certificate Type. A third-party cert (often Cloudflare Origin) you uploaded. Won’t renew via AutoSSL because it didn’t come from AutoSSL.
- The installed certificate does not cover this domain. A cert exists for the parent domain but the specific hostname isn’t on it. Common with newly-added subdomains before the next AutoSSL run.
Search and filter
The search box across the top filters the list by domain name. The page shows a count like “Showing 47 of 47 domains” so you know whether the filter is hiding anything. For a big account with many domains, use the search to focus on the domain you’re troubleshooting; the full list can be hundreds of rows.Force AutoSSL to run now
The Status tab doesn’t have a Run AutoSSL button on the user side. AutoSSL runs every 12 hours automatically and will pick up domains that don’t yet have a cert. If you need it to run sooner (say, a domain you just added), open a ticket and we’ll trigger AutoSSL for your account on demand.What to do when a row is red
- The installed certificate does not cover this domain. Run the Wizard and tick the missing domain. Or wait for the next AutoSSL pass.
- No certificate. Same answer. The Wizard issues one in two clicks.
- Cert expired. AutoSSL would renew it 30 days before expiry; if it didn’t, validation is failing somewhere. Check the Wizard for the validation error.
Common issues
A domain shows as not covered, but my browser sees a green padlock
A domain shows as not covered, but my browser sees a green padlock
Cloudflare or another reverse proxy is presenting its own cert at the edge. The browser sees Cloudflare’s cert, not your origin’s. cPanel’s Status tab reports the origin state. For end-to-end encryption, install a Cloudflare Origin Certificate and let Cloudflare proxy serve its own.
Status hasn't updated after I issued a cert
Status hasn't updated after I issued a cert
The Status tab caches; refresh the page. If it still shows old data, the certificate was issued but didn’t install successfully. Check Installation.
"Will not renew via AutoSSL because it was not issued via AutoSSL"
"Will not renew via AutoSSL because it was not issued via AutoSSL"
Right, that’s expected. AutoSSL only renews certs it issued itself. Third-party certs (Cloudflare Origin, paid certs from DigiCert) you renew on their own schedule via the issuing provider.