Cert Renewal Successful But Cert Not Yet Valid?

Just a little information. I was using Cloudflare as my proxy in "full" end-to-end encryption mode. This was causing issues with my certificate renewal on my local IIS server preventing renewals (this is a well-known documented problem as backend encryption prevents access to http-01 for renewal calls). I went ahead and changed my site on Cloudflare to "Flexible" instead and manually ran Win-AMCE V2.1.20.1185 (most current version). To perform cert renewal as it expires in 10 days. I received notification from AMCE that it was completed and assigned the cert to my IIS bindings. Now I am unable to access my website. On further investigation, I see that the certificate is not yet valid and I do not understand why. (see image below)

If I then check the new certificate issued by Let's Encrypt it is showing a correct renewal date but stating "is expired or not yet valid" I have even tried to manually delete the certificate and completely issue a new one and I'm receiving the same certificate back with same issue.

The renewal process completes successfully inside of AMCE but provides me with a nonactive certificate??? Why is this and what can I do to fix it?

1 Like

Your clock is off.
Use NTP (or set the clock manually).

5 Likes

Yep you are correct. I see the server time is off. I'll update it and try again. I'll let you know how it goes. Thanks!

2 Likes

Fixed the time and was able to get a new cert issued that looks valid. Assigned it to my sites bindings but I'm still receiving "Err_Too_Many_Redirects" when trying to access my site. I've tried clearing my cache, using another browser and also restarting IIS. Any ideas?

1 Like

That is no longer a certificate issue; Don't delete any certs, nor obtain any new ones.

If you can provide the domain name, we can better assist you.

2 Likes

Thank you but I believe I have resolved that issue as well. Cloudflare was redirecting to HTTPS as well as my IIS server with a URL Rewrite rule. I disabled it on IIS and allowed Cloudflare to handle the rewrites sololy and it appears to be working now.

I just find it odd I never had this issue until renewing the certificate. It's been running like this for years...

But thanks again for your prompt responses!

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.