Certificate is showing expired

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: the cert is for irc.communiti.chat, web.communiti.chat, atrium.communiti.chat

When connecting via an IRC client the SSL certificate shows as expired. When accessing via the web using https:// it shows as expired.

I ran this command: I ran certbot renew and initially got the notice that nothing needed to be renewed. When I ran certbot certificates it showed the same as SSL check sites that the certificate expired 1 day ago. I have also ran certbot renew --force-renewal and now when running cerbot certificates it shows good through December 9th. However at least 2 web services that detect status of certificates show that it is still expired.


It produced this output: (see above)

My web server is (include version): n/a

The operating system my web server runs on is (include version): Ubuntu 22.04.2 LTS

My hosting provider, if applicable, is: DigitalOcean

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 2.6.0

1 Like

Sounds like you got a fresh cert so something must have gone wrong applying it to your web service. Have they been restarted per usual practice after getting a fresh cert?

Or, has their config changed such that they need to point to the current cert? Some web services need the .pem files converted so are your services like that?

These are just common reasons a fresh cert won't be reflected in connections to your web service.

It looks like your renewal has been working fine but that something has changed in how you apply the fresh cert to your service(s). I don't see your latest cert in the public CT log yet but here is your recent history which looks perfectly normal. Note your irc domain on port 443 isn't even using the cert issued on Aug11


Restarted and all is good. Thanks


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.