Chrome convinced my cert is not valid

bguthro · October 16, 2017, 12:20am

Hello,

Despite my cert reporting as not needing renewal from “/opt/letsencrypt/certbot-auto renew” -

Processing /etc/letsencrypt/renewal/api.pktskilodge.org.conf

Cert not yet due for renewal

Processing /etc/letsencrypt/renewal/private.pktskilodge.org.conf

Cert not yet due for renewal

Chrome is reporting it as “not secure”.

It appears to still be valid:
openssl x509 -in /etc/letsencrypt/live/private.pktskilodge.org/cert.pem -text -noout | grep "Not After"
Not After : Dec 23 17:00:00 2017 GMT

I have tried rebooting, and reloading apache…without success.

The server’s IP address changed recently - could this be the problem? If so, how can I resolve it?

Thanks in advance
Ben

jared.m · October 16, 2017, 12:29am

Which URL is causing you an issue? Both api.pktskilodge.org and private.pktskilodge.org look good on SSLLabs from a certificate perspective, and IP changes wouldn’t affect anything. What’s the exact error message Chrome is giving you when it’s telling you it’s not secure? (The ERR_SOMETHING text)

bguthro · October 16, 2017, 12:45am

huh. Figures…it was giving errors before…but is OK now. This must be a PEBCAK error. Apologies for the noise.

system · November 15, 2017, 12:45am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.