Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: circlem.energy
My web server is (include version): IIS v10
I'm using a control panel to manage my site: Plesk
Created a cert like I have in the past. It fails on any browser I try it on. The only thing that looks wrong is the common name is sucuri.net. All my other working certs have the actual domain name here. Sucuri.net seems to be the firewall for Godaddy.
All my DNS at Godaddy looks correct. The DNS resolves correctly. Everything looks right, but it keeps issuing the certificate to Sucuri.net when I add a certificate through Plesk.
I'm just looking for a push in the right direction, because everywhere I look, everything looks like our other working domains (except for the common name on the bad cert).
Thanks,
Note: the only thing different is that the other sites certs may have been created before we added the firewall. I'm not sure on that. All I know is, I'm clicking the same button on Plesk I clicked in the past, only this time with different results.
There are many things wrong, one of which is that the cert is issued by GoDaddy and not by Let's Encrypt. Another is that there is no Subject Alt Name extension on the cert, which I understand is required by all browsers for some time. Suggest you ask Go Daddy why they're breaking your site this way.
That's weird. In Plesk, it looks like our other domains. I guess I can't attach screen shots, but it says: Certificate Name: Lets Encrypt circlem.energy. We have like 4 other domains, and they all say Lets Encrypt + the valid domain. I checked and the other certs were actually issued by Lets Encrypt.
I really dislike dealing with godaddy support...but I guess it would be logical to go there next.
Yeah, we pay godaddy. I assume Sucuri manages their firewall service. I don't care about the who issues the cert if it works...BUT, it isn't exactly a good look to hijack Plesk to issue their own cert, when the button I clicked clearly says it is to get a Let's Encrypt certificate. I just went back and triple checked Plesk, and it looks very much like it should issue a Let's Encrypt cert when I click the button. And, I'm not crazy. The same button in the past did issue a Let's Encrypt certificate. I have like 4 other certs to prove it.
I also just noticed that the cert was issued back in August. Maybe I'm clicking the Let's Encrypt button, but the cert that we are looking at is an old one. I can assure you, I came here because everything on my Plesk control panel looks like it is making a Let's Encrypt cert. Like I said, all of our other domains check out to be issued by Let's Encrypt. I created them the same way.
That may be true but the "thing" that is responding to HTTPS requests going to your domain is using something else.
It is not unusual for a firewall that does things like "HTTPS Inspection" will have its own cert and you may have another one for your own server. The firewall probably has some kind of option to upload custom certs. These are things to sort out with that Firewall provider. We can't be experts at every configuration option for every kind of system
