I have installed Let’s Encrypt SSL certificate on my fuelgr.gr domain and have renewed it two times in the past with no issues.
Last Sunday I did again the renew/install procedure described here: https://gethttpsforfree.com/ . It was a few hours before the old certificate was about to expire. I did all the steps with no issue. Even the host’s UI told me that:
Issuer: Let’s Encrypt Authority X3
Valid Until: Dec 25 13:03:00 2017 GMT
Unfortunatly, today I realized that the browsers complain for my site not being secure with a mesage about NET::ERR_CERT_DATE_INVALID.
I checked https://www.ssllabs.com/ssltest/analyze.html?d=fuelgr.gr to see that I was still on my previous SSL certificate which of course had expired on Monday.
So, how is it possible to have the renew task properly done, the host to confirm this, but have no secure site right now?
I am on a managed shared (grid) server at Media Temple (USA). I have no root access but do have ssh connection.
Desperate to find a solution, I user a “Remove Certificate” option provided in the Media Temple’s admin UI and did the certificate installation again from the very begining. I actualy did it 3 times. At the end the situation was as described above.
your help please
I’m a little unclear on what you were referring to about the “host’s UI”, but I want to make sure you understand that certificates are just text files (containing cryptographic signature data) and their contents are fixed at the time they’re issued. Therefore, certificate renewal really means issuing a new certificate containing some of the same data (for example, covering the same domain names) as an old certificate. In this case, the new certificate still needs to be installed in the server application in order for the server application to know about it. The existence of the new certificate out in the world doesn’t have any effect unless it’s also installed in the server.
So, what steps did you take to install the new certificate? When you refer to the “host’s UI”, is that like a control panel in your Media Temple account? And when you did the certificate installation from the beginning, did you upload a copy of the new certificate?
If so, I think this is simply a weird bug of some sort in Media Temple’s software that they will need to fix.
Please delete this thread - it was a terrible mistake I made that caused all this mess! Issues solved. Thank you for replying.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.