Symptoms
When you create an Addon Domain, a subdomain is created on the Primary Domain to link the domain to the cPanel account. If the Primary Domain uses a Wildcard SSL certificate, this new subdomain is automatically covered under the SSL.
However, if the subdomain itself cannot pass DCV when attempting to issue an SSL for the new Addon Domain, then AutoSSL will fail for the new domain and return the following error:
Impediment: SECURED_DOMAIN_DCV_FAILURE: One or more currently-secured domains failed DCV.
Description
As the subdomain is being secured under the Primary Domain's Wildcard SSL, but failing DCV itself, AutoSSL will not issue the SSL as it believes there will be a reduction in coverage.
We've opened an internal case for our development team to investigate this further. For reference, the case number is CPANEL-46426. Follow this article to receive an email notification when a solution is published in the product.
Workaround
Exclude the subdomain from AutoSSL using the "SSL/TLS Status" tool in cPanel. The following provides steps on this process:
