Certificate not trusted

i have just installed a next-cloud instance on my raspberry pi using their auto installer image. and following the links in

i have setup remote access using a free dNS server which is working and also enabled lets encrypt for a certificate which was issued fine with no errors

however my browsers are still reporting the site is not trusted

i have tried the following recommended tool
It produced this output:
cloudsaw.mooo.com is currently affected by Let's Encrypt-based rate limits (Rate Limits - Let's Encrypt). You may review certificates that have already been issued by visiting crt.sh | %mooo.com . Please note that it is not possible to ask for a rate limit to be manually cleared.

i have also used the


to check the site certificate and it comes back with a name mismatch error
any suggestions?

My domain is: cloudsaw.mooo.com

My web server is (include version):
nextcloud hub II version (23.0.2)

The operating system my web server runs on is (include version):
nextcloud pi v 1.47.1

My hosting provider, if applicable, is: self hosted

I can login to a root shell on my machine yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes next cloud integrated web config tool

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Please provide the commands you've run with the corresponding outputs. (The guide does not mention Let's Encrypt at all, so please provide us the necessary information yourself.)


not sure if this is what you are looking for but the following was displayed in the text box on the web tools

Saving debug log to /var/log/letsencrypt/letsencrypt.logcd ..
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate for cloudsaw.mooo.com
Running deploy-hook command: /etc/letsencrypt/renewal-hooks/deploy/ncp

  • Congratulations! Your certificate and chain have been saved at:
    Your key file has been saved at:
    Your certificate will expire on 2022-07-16. To obtain a new or
    tweaked version of this certificate in the future, simply run
    certbot again. To non-interactively renew all of your
    certificates, run "certbot renew"
  • If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation

INFO: Letsencrypt domain is cloudSAW.mooo.com
System config value trusted_domains => 11 set to string cloudSAW.mooo.com
System config value trusted_domains => 3 set to string cloudSAW.mooo.com
System config value overwrite.cli.url set to string https://cloudSAW.mooo.com/
System config value trusted_proxies => 11 set to string
System config value trusted_proxies => 12 set to string ::1
System config value trusted_proxies => 13 set to string cloudSAW.mooo.com
System config value trusted_proxies => 14 set to string
? redis is configured
? push server is receiving redis messages
? push server can load mount info from database
? push server can connect to the Nextcloud server
? push server is a trusted proxy
? push server is running the same version as the app
configuration saved

my Linux silks are not the best

It looks like you did get a certificate.

But it's not being used by your webserver. You have to install said certificate.

1 Like

Thanks for pointing me in the right direction i had assumed it was a certificate issue.
The web based configuration tool only did half the job it did not set the correct paths to the new certificates
i eventually found the following set of instructions to complete the settings


with a couple of changes
in step 2 change python-certbot-apache to pyhton3-certbot-apache

in step 6 if the tab complete fails to work use the command
php -version and use the first two version numbers

thanks again for your help


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.