Certificate won't work

techgrapple · January 8, 2021, 12:44am

I have added let's encrypt for domains and subdomains all work fine, but it doesn't work for one website "lifequotes.pictures". I get no error, it activates and shows that certificate is active. However, when I try to browse that site it shows certificate is not valid and blocks connection.

I checked my folder /.well-known/acme-challenge/ and found it was empty. That' the reason it is failing to work. I tried issuing certicate multiple times, so I have also been blocked to issue new certificate for that domain because of LetsEncrypt limition to issue limited number of certificate. Now tell me how I can work around. Is there any way to put the file into /.well-known/acme-challenge/ folder manually. If so, that should work for me. (Note: I have also tried DNS verification, but same msg that I have already issued too many certificates).

My domain is: lifequotes.pictures

I ran this command: Added Certificate Through control center

It produced this output: No Error (Added Successfull) and I have the certificate

My web server is (include version): Nginx 1.9

I can login to a root shell on my machine (yes or no, or I don't know): Yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Not Sure

schoen · January 8, 2021, 1:38am

Hi @techgrapple,

I think this shows you are misunderstanding the process. The /.well-known/acme-challenge location is just used while requesting a new certificate, in order to prove that the person requesting the certificate really controls the web site it refers to.

Once you have the certificate you requested, you don't need to place or keep any files in /.well-known/acme-challenge because the challenge is already completed.

What sort of control center is this? Who provided it to you? What does it look like when you add the certificate this way?

techgrapple · January 8, 2021, 1:49am

So I got rid of those instances. I have wasted my attempts. So how long I have to wait before I can issue another certificate?

schoen · January 8, 2021, 1:57am

Seven days:

techgrapple · January 8, 2021, 7:43am

Thanks. Having same issue on 3 sites, holding same domain and subdomain. Here is one of them : games.forkids.education.

Error in sslshoper: The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate.

Any suggestion how I would fix it?

techgrapple · January 8, 2021, 8:01am

Never Mind. Fixed it.