Err_cert_date_invalid

lee-ji-eun · December 21, 2021, 12:56am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: int.dnew.co.kr

I ran this command:
/opt/certbot-auto delete --cert-name int.dnew.co.kr
/opt/certbot-auto certonly --server https://acme-v02.api.letsencrypt.org/directory --rsa-key-size 4096 --agree-tos --webroot -w /home/hosp_manage -d int.dnew.co.kr -d int.dnewmedia.co.kr -d intra.dnew.co.kr -d intra.dnewmedia.co.kr

It produced this output: ERR_CERT_DATE_INVALID

My web server is (include version): centos6

The operating system my web server runs on is (include version): apache2

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Y

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Y

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.10.1

exist valid certificate, but sometimes open invalid certificate homepage..

apache restart after new certificate

webprofusion · December 21, 2021, 1:21am

Your certificate is valid but I can confirm that sometimes your server is responding with the old certificate. Are you load balancing your requests across more than one server or have you recently updated DNS to point to a different server?

lee-ji-eun · December 21, 2021, 1:50am

Are you load balancing your requests across more than one server > No..

or have you recently updated DNS to point to a different server?

i updated DNS to different server one month ago. but, updated to original server again. (ex, A > B > A)

and same problem arises vip.dnew.co.kr

vip.dnew.co.kr
: Are you load balancing your requests across more than one server > No..
or have you recently updated DNS to point to a different server? > No

webprofusion · December 21, 2021, 1:53am

Ok, so could server B still be responding to some requests?

lee-ji-eun · December 21, 2021, 1:57am

yes, i check apache logs(access-log) still be responding to some requests...
but i check int.dnew.co.kr and to have none vip.dnew.co.kr
That's weird...

rg305 · December 21, 2021, 5:45am

Please show the outputs of:
top
ps -ef | grep apache | grep -v grep

lee-ji-eun · December 21, 2021, 6:35am

root      1651     1  0  2020 ?        03:57:40 /opt/apache/bin/httpd -k start
daemon    3160 24152  0 13:03 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    3744  1651  0 Nov22 ?        00:00:30 /opt/apache/bin/httpd -k start
daemon    5440 24152  0 13:51 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    5441 24152  0 13:51 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    7498 24152  0 14:35 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    7499 24152  0 14:35 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    8188 24152  0 14:51 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon   10311  1651  0 Nov15 ?        00:00:30 /opt/apache/bin/httpd -k start
daemon   13215  1651  0 05:18 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   13792  1651  0 Dec13 ?        00:00:30 /opt/apache/bin/httpd -k start
daemon   20997  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   21241  1651  0 08:13 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   24073  1651  0 09:11 ?        00:00:01 /opt/apache/bin/httpd -k start
root     24152     1  0 09:13 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon   26253  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   26266  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   26948  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   27422  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   27467 24152  0 10:06 ?        00:00:01 /opt/apache/bin/httpd -k restart
daemon   27545  1651  0 Nov11 ?        00:00:30 /opt/apache/bin/httpd -k start
daemon   27701 24152  0 10:10 ?        00:00:01 /opt/apache/bin/httpd -k restart
daemon   28107  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   29169  1651  0 Dec05 ?        00:00:31 /opt/apache/bin/httpd -k start
daemon   29312  1651  0 Dec20 ?        00:00:03 /opt/apache/bin/httpd -k start
daemon   31461 24152  0 11:34 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon   31917  1651  0 Dec20 ?        00:00:30 /opt/apache/bin/httpd -k start

rg305 · December 21, 2021, 6:45am

There appear to be two running httpd processes:
PIDs 1651 and 24152:

1651 all say "start"
24152 all say "restart"
I'm not sure how they should look.

But if you can restart/reboot the entire system OR kill both of those processes and restart apache, the problem might go away.

system · January 20, 2022, 6:46am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.