Certificate Renewal

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:greenfreshflorals.com

I ran this command:

It produced this output:

My web server is (include version):fastcomet

The operating system my web server runs on is (include version): I have no idea

My hosting provider, if applicable, is: Fast Comet

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Here is a list of certificates that have been issued https://crt.sh/?q=greenfreshflorals.com, the latest one is on 2022-09-25 just 2 days ago. Looks like the Certificate Renewal worked.

And looks good here:
greenfreshflorals.com - SSL Server Test: greenfreshflorals.com (Powered by Qualys SSL Labs)
www.greenfreshflorals.com - SSL Server Test: www.greenfreshflorals.com (Powered by Qualys SSL Labs)

greenfreshflorals.com Let's Debug
www.greenfreshflorals.com Let's Debug
Show
CloudflareCDN

Warning

The domain greenfreshflorals.com is being served through Cloudflare CDN. Any Let's Encrypt certificate installed on the origin server will only encrypt traffic between the server and Cloudflare. It is strongly recommended that the SSL option 'Full SSL (strict)' be enabled.

https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-mean-

3 Likes

@SDSTEVEN Can you explain more about what your problem is? Because I'm not sure what it is.

I do see a complicated collection of components. It looks like you have Shopify, with DNS from DNSimple which has a "behind the scenes" integration with Cloudflare. If that's correct you may need to contact the hosting service that organized this.

I also see your server sending out recently issued Let's Encrypt certs (same as Bruce showed). That's a good thing so not sure why you are posting.

We'll need more of a description to give best advice. Thanks

3 Likes

Not sure how/why, but the "www" has its' own cert:

[there are also two valid wildcard certs]

4 Likes

Here is what my cPanel is showing re: my certificate.

I can only embed one item in a post

And this is what is shown for certificates on my server.

See my posts below.

Possible helpful observation (but likely not).
Note the bottom are the one expiring on 2022-09-10 have 3 Matching Identities

2 Likes

Then something important is missing. Because your server is sending out the more recently issued certs. Use a site like this SSL Check site to see.

Your greenfreshflorals.com domain sends a cert with just its name. And, your www name sends out a cert with just its name. Both are valid and work just fine in browsers.

I don't know why they would not be visible to your cPanel. How did you acquire this most recent certs?

Is this cPanel info the problem you are seeking help with?

4 Likes

Thanks. I cannot see on my cPanel the certificates you reference that are valid and being used by my site. I’ll submit a ticket to cPanel to see if they can identify the issue. I am only seeing the certificates that are expired from Let’s Encrypt as you saw from the screen grabs. Thank you for being patient with me.

Steven

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.