It produced this output: "This is no securety connection"
My web server is (include version): Celeros Internet GmbH, Forsthof Hagen 3-7, 22926 Ahrensburg
The operating system my web server runs on is (include version): Windows Version 21H1
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): I don't know
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I don't know
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I don't know
Hello,
I startet the Lets Encrypt certification some month ago. But now there are emails like you can see down this mail. But I don not know, how to rebuild the site without this mail by you:
Upon inspecting the certificate history of subaru-impreza.de, I discovered the absolutely massive number of overlapping certificates issued for subaru-impreza.de and its various subdomains. While there's nothing wrong with doing things this way, it does appear that there may be a misunderstanding of what certificate(s) to issue and how to organize. This might be a case where a wildcard certificate would be entirely appropriate, especially given the wildcard IPv4 address in the DNS.
Thank you for both of your answers! Unfortunately, I am not very familiar with PCs. It's a really long list!! Where can I find the WildCard from? And then do I have to rewrite all values manually?
Where can I find this?
Would it be able to reduce it until 10 numbers instead of 300?
I'm assuming that you ran sudo nginx -T (the command I was asking for the output of) and found the output to be very long as expected. Rather than copying-and-pasting the output into a post, you simply can upload an output.txt file here, which can be generated as follows:
Hello,
I am so bad knowing anything about internet creating . It has worked until the last 15 years. But now, these "crypt" had to be insered at my page. Okay, no problem. I needed a help but everything was good. But why do they now, 3 months later, writes the home page about "unsecure connection"?
So I wrote a bit... . Where could I find "sudo nginx -T", "upload an output.txt file"? You gonna think that I am a stupid boy... And you are right . Would you help me nevertheless?
Frank
@Impreza there is a computer called www.subaru-impreza.de which apparently is in the datacenter of RockingHoster GmbH in Hamburg. Everyone's questions here are about that computer.
What software does it run?
Who is the administrator? (Is it you, or is it your hosting company?)
How is it administered? (What would someone do to change its configuration, or add or remove software there?)
Related to this... how did you originally obtain or create this web site? Did someone else set it up for you? Was it previously hosted with a different hosting company?
These are tasks to be done by the administrator of the web server machine, using SSH for remote access.
(note: this article is mostly about technical details of SSH, not a guide or tutorial for how to start using it)
With some web hosting plans, the customer is the system administrator of the web server (and is then given a password or other authentication mechanism to connect to the web server using SSH in order to administer it). With other web hosting plans, the customer is not the system administrator, and may have to use, for example, a Plesk or other control panel web interface to make (limited) changes to settings on the web server.
@webprofusion Thank you for this information. So I do not this Plesk of my home machine.
@schoen Also many thanks to your information. I will try to answer as good as I can...
Is it right, that nobody can open my www.subaru-impreza.de if it is automatical only warned for all the users? Some friends of me could open it and now it is possible for them to open this internet site. I think, only these users who know that, can use my website. Is that right?
My software that I use is the very old "FrontPage 2003". I know it is very old, but computers are really not my friends . I allways use "FileZilla" to bring all data to the internet data. Everything is made with the "Windows" (see above "64-Bit-system. Windows Version 20H2")
The administrator should be "Celeros Internet GmbH". He take the domains subaru-impreza.de and *.net and he helped at the Encrypt problem 6 months ago. Do you think that he could help for this? I have an own number at his company: CEL17866.
The administrator just helped but I do not think that anything has been changed. Is it possible that some bad words was mentioned at my homepage? Some words are not allowed any more and that is the reason why my page is mentioned? (I did not mention anything bad words.)
So I build the homepage in 2005 starting. Everything was used by me, nobody else have helped. But now I need this help, because it is so much secure software at the hole internet... So you are right: I created the homepage but there was no different hosting company. But if you mean the actuell domain company it is the "Celeros Internet GmbH" (Ahrensburg, Hamburg, Germany).
The "sdo nginx..." must have done another one. I did not hear or read these words. Also SSH for remote access I do not know this.
Could you help me with this problems? I think that it is very simple for you, but I am such a bad computer user... . I will never find that problem without you.
I had a first impression in response to your comments here, but then I checked more closely and now have a different thought about the solution to your problem.
This makes me think that this administrator has the SSH access that we're talking about (rather than you), so if there are tasks in the future that require this kind of administrator access, you will probably need to get this person to do them for you.
Let's Encrypt's certificate issuance doesn't have a content-based policy associated with it and the certificates would not be revoked (or refused renewal) based on the content of the site. (Some Internet companies do have these policies, like social media or something, but usually not "infrastructure" services like Let's Encrypt.)
So, I just checked more closely.
The current problem is not with your certificate at all, but rather with mixed content.
If these pages are too complex for you in English you could try
(some German sources use the English term "mixed content", or occasionally German "gemischter Content", "gemischte Inhalte")
One reason that you might have encountered people with different experiences (error versus no error) is that different web browsers have different levels of warnings about mixed content today. One web browser might display a small, subtle icon to warn about it, while another might display a conspicuous error message. So, some users might think the page is fine, while others might think there is an important security problem, depending on how their web browser software decides to display this warning!
To fix this, you need to find the insecure (HTTP) resources inside your page and change them to secure (HTTPS) equivalents, so that the page content is 100% loaded over HTTPS. Then all browsers should stop displaying these warnings.
thank you very much! I think I will get it done. My Domains .de and .net are working quite good. Only the .com doesn't work. I just have to write to NamePal.com. Maybe they could set it back to the older settings.
Absolute top are the last text. I think It must be possible.