Certificate renewed on Plesk but browser see old one

Hi all,
i've renewed Let's Encrypt certificate on 2 subdomains thorugh Plesk
Update TXT record on DNS manager and all run as well, no errors and no issues.
Whe i navigate the browser (every browser) i find subdomains are not secured because browsers see old exipred certificates.

Scanning subdomains with ssllabs i find they have right SSL certiifcates that will expire on November

In you opinion why it happens?
Thank you for any help
Giorgio

1 Like

When you opened this thread in the Help section, you should have been provided with a questionnaire. Maybe you didn't get it somehow (which is weird), or you've decided to delete it. In any case, all the answers to this questionnaire are required:


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

2 Likes

My domain is:
https://api.lineaverdesc.com:3002/

I ran this command:
https://api.lineaverdesc.com:3002/

It produced this output:
Validity Period
Issued On|Tuesday, May 21, 2024 at 12:21:23 PM|
Expires On|Monday, August 19, 2024 at 12:21:22 PM|

My web server is (include version):
Server version: Apache/2.4.41 (Ubuntu)
Server built: 2024-07-17T18:58:09
nginx version: nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version):
Distributor ID: Ubuntu
Description: Ubuntu 20.04.6 LTS
Release: 20.04
Codename: focal

My hosting provider, if applicable, is:
Aruba (Italy)

I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Plesk

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Plesk Obsidian v18.0.63_build1800240825.09 os_Ubuntu 20.04

Your Apache server handling the HTTPS requests using port 443 use the new cert from Aug28.

But, your Express server on port 3002 is not. Did you update it for the new cert or perhaps it just needs a restart to see the new cert.

Check both ports with a test site like this:

4 Likes

Interesting.
Express is up, but I didn't guess I have to update something on it.
I check immediatly and I will give you a feedback, tnx

1 Like

And the winner is?
Thank you Mike you save my sad day.
I forgot i secured express
But renewing Let's Encrypt I must update file names

So every time I renew Let-s Encrypt on Plesk I will have to remember to update Express as well.
These files will always increase in number it seems.
Do you think there is a way to avoid this task?

2 Likes

Just refer to the file name in the ../live/... folder instead of ../archive/...

The live file name is a symlink that always points to the most recent cert.

You still may need to reload Express after getting a fresh cert. I am not sure if it picks up changes automatically

4 Likes

Wow, great.
My Linux knowledge needs to be improved in the future.
Really thanks for the tips, if you pass by Venice I'll offer you a beer

3 Likes

It has been a while since I have been but I'll try to remember for next visit :slight_smile:

4 Likes

You are welcome

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.