Recently I faced a problem with a vps in which the autossl did not wanted to generate a request for the vps's hostname.
After cleaning crap off the apropriate dns zone and after fixing an ns record pointing to a non-functioning dns server I thought yeah we're good to go!
But cpanel had other plans...no certificate AGAIN and /usr/local/cpanel/bin/checkallsslcerts gave me a weird error:
[WARN] The system failed to acquire a signed certificate from the cPanel Store. at bin/checkallsslcerts.pl line 653.
Putting aside that there is NO such Perl file, it came to me that maybe because of the wrong NS record along with other crap I found, there is a certificate CSR for the hostname left over and cpanel did not erase it for some reason.
And yes, there is one in /var/cpanel/hostname_cert_csrs.
Removed it and now checkallsslcerts.pl runs without an error.
Or does it?? Now throws a subtle [Note] (why??) that the hostname isn't covered by any of the subdomains
Finally, the solution was
mv /var/cpanel/hostname_cert_csrs{,.cpbkp} -v
For some reason the whole directory should be backup up and then the checkallsslcert will run correctly issuing a certificate for the hostname!