Certificate test passed, but going to the site said cert invalid on a .earth site


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: satpaq.earth

I ran this command: sudo certbot --apache -d satpaq.earth

It produced this output: it completed successfully like other sites I have set up before

My web server is (include version): Apache 2.4.18

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

Notes:

I have successfully set this up on several other machines, but am having problems specifically with a .earth domain. After the install completed successfully I ran the verification test (https://www.ssllabs.com/ssltest/analyze.html?d=satpaq.earth&latest) and that passes, but when visiting the site it says that the certificate is invalid. In troubleshooting I removed and reinstalled certbot, but hit the domain limit so it is currently down. I wanted to ask if ‘.earth’ is fully supported as I am running out of other possible reasons this is not working.

Thanks,
-David


#2

Hi @dcooper

you have created a lot of certificates

https://crt.sh/?q=satpaq.earth

5 Precertificates -> then this hits the limit.

But: Your local configuration is wrong:

http://satpaq.earth:443/

shows

Forbidden

You don’t have permission to access / on this server.
Apache/2.4.18 (Ubuntu) Server at satpaq.earth Port 443

So you load HTTP - content from Port 443, not https-Content.

https://satpaq.earth/

says:

Ein Fehler ist während einer Verbindung mit satpaq.earth aufgetreten. SSL hat einen Eintrag erhalten, der die maximal erlaubte Länge überschritten hat. Fehlercode: SSL_ERROR_RX_RECORD_TOO_LONG

Your content is not the content the browser wants to establish a SSL-Connection.

Configure https / Port 443.


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.