ACME - Lets Encrypt

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: webmail.poulininc.ca

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:Namecheap

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

When I issue a cert and install it I don't get the padlock and instead am told I have a domain mismatch because the following are not listed in the cert *.web-hosting.com. Does anyone encounter this issue?

Your domain is not using your new cert for HTTPS requests. You have not installed it correctly (that is, you have not configured your web server to use it).

Is your webmail service running on port 443 (HTTPS)?

You haven't provided any info about how you got the cert or what kind of web server you are running so we can't give any more specific advice. You should review the docs for your web server and/or webmail service for cert configuration instructions.

Until more info is provided:

x-powered-by: PHP/8.0.28
x-turbo-charged-by: LiteSpeed

I have tried with Windows 10 Chrome Version 112.0.5615.50 (Official Build) (64-bit), Firefox 111.0.1 (64-bit), and Microsoft Edge Version 112.0.1722.39 (Official build) (64-bit); I get a padlock on all 3.

No problems found with any of theses:

• SSL Checker
• https://decoder.link/sslchecker/webmail.poulininc.ca/465
• SSL Server Test: webmail.poulininc.ca (Powered by Qualys SSL Labs)
• https://www.whynopadlock.com/results/dfd54935-4189-4a78-8909-9877ea3a0a92
• https://www.missingpadlock.com/

image1166×776 10.6 KB

And here is a list of issued certificates crt.sh | webmail.poulininc.ca, the latest being 2023-04-11.
And this issued certificate is the one I presently being served crt.sh | 9121323938
and only has the Domain Name and no www domain name

            X509v3 Subject Alternative Name: 
                DNS:webmail.poulininc.ca

I was able todo it through a service called sslforweb, and it worked

Note that site says

SSLForWeb Generate 90 Day valid Let's Encrypt certificate for a Domain. After 90 Days you need to renew a certificate. Also, You can renew certificate before a 90 Days.

Let's Encrypt recommends using a method with automated renewal, for convenience and reliability. The SSLForWeb method does work but doesn't offer that—with this approach, you would have to repeat the process indefinitely.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.