Browser says, certificate is invalid, Certbot says, it's ok

Hi , have exact the same problem as of today. I have a testsite at theola.tk and both Firefox and Chrome say the certificate expired today. But certbot certificates shows the certificate as valid until 8th September and doesn’t allow renewal.
The site is hosted on VPS Ubuntu 18.04 at hetzner.de and doesn’t run on Apache or nginx : the certificate is set as standalone.

Hi @theola

I've moved your question to a new topic, makes things easier.

checked your domain there is a new certificate ( https://check-your-website.server-daten.de/?q=theola.tk#ct-logs ):

Issuer not before not after Domain names LE-Duplicate next LE
Let's Encrypt Authority X3 2019-06-10 2019-09-08 pikeman.tk, theola.tk, tombwalker.tk
3 entries
Let's Encrypt Authority X3 2019-04-10 2019-07-09 pikeman.tk, theola.tk, tombwalker.tk
3 entries
Let's Encrypt Authority X3 2019-04-10 2019-07-09 pikeman.tk, theola.tk, tombwalker.tk
3 entries
Let's Encrypt Authority X3 2019-04-07 2019-07-06 pikeman.tk, theola.tk, tombwalker.tk
3 entries
Let's Encrypt Authority X3 2018-08-24 2018-11-22 pikeman.tk, theola.tk, tombwalker.tk
3 entries

But the certificate you use is expired:

CN=theola.tk
	10.04.2019
	09.07.2019
0 days expired	
pikeman.tk, theola.tk, tombwalker.tk - 3 entries

What's your server software? A certificate isn't "standalone", that's a modus of the http-01 challenge.

You have to install the certificate. Perhaps you have to do that manual.

PS: Your server:

Server: ""

Terrible to debug.

1 Like

Hi, Juergen. Thanks for the fast reply.

I’ve found the cause : as the site runs on Glassfish, at the last renewal a month ago i most probably forgot to create a new keystore from the cert files and replace the existing one. It is already done and the site runs again on SSL. I thought at first Firefox has again a global certificate problem.

Many thanks for your effort

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.