Err_cert_date_invalid

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: int.dnew.co.kr

I ran this command:
/opt/certbot-auto delete --cert-name int.dnew.co.kr
/opt/certbot-auto certonly --server https://acme-v02.api.letsencrypt.org/directory --rsa-key-size 4096 --agree-tos --webroot -w /home/hosp_manage -d int.dnew.co.kr -d int.dnewmedia.co.kr -d intra.dnew.co.kr -d intra.dnewmedia.co.kr

It produced this output: ERR_CERT_DATE_INVALID

My web server is (include version): centos6

The operating system my web server runs on is (include version): apache2

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Y

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Y

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.10.1

exist valid certificate, but sometimes open invalid certificate homepage..

apache restart after new certificate

2

Your certificate is valid but I can confirm that sometimes your server is responding with the old certificate. Are you load balancing your requests across more than one server or have you recently updated DNS to point to a different server?

2 Likes
3

Are you load balancing your requests across more than one server > No..

or have you recently updated DNS to point to a different server?

i updated DNS to different server one month ago. but, updated to original server again. (ex, A > B > A)

and same problem arises vip.dnew.co.kr

vip.dnew.co.kr
: Are you load balancing your requests across more than one server > No..
or have you recently updated DNS to point to a different server? > No

4

Ok, so could server B still be responding to some requests?

1 Like
5

yes, i check apache logs(access-log) still be responding to some requests...
but i check int.dnew.co.kr and to have none vip.dnew.co.kr
That's weird... :frowning:

6

Please show the outputs of:
top
ps -ef | grep apache | grep -v grep

2 Likes
7 
root      1651     1  0  2020 ?        03:57:40 /opt/apache/bin/httpd -k start
daemon    3160 24152  0 13:03 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    3744  1651  0 Nov22 ?        00:00:30 /opt/apache/bin/httpd -k start
daemon    5440 24152  0 13:51 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    5441 24152  0 13:51 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    7498 24152  0 14:35 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    7499 24152  0 14:35 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon    8188 24152  0 14:51 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon   10311  1651  0 Nov15 ?        00:00:30 /opt/apache/bin/httpd -k start
daemon   13215  1651  0 05:18 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   13792  1651  0 Dec13 ?        00:00:30 /opt/apache/bin/httpd -k start
daemon   20997  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   21241  1651  0 08:13 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   24073  1651  0 09:11 ?        00:00:01 /opt/apache/bin/httpd -k start
root     24152     1  0 09:13 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon   26253  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   26266  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   26948  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   27422  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   27467 24152  0 10:06 ?        00:00:01 /opt/apache/bin/httpd -k restart
daemon   27545  1651  0 Nov11 ?        00:00:30 /opt/apache/bin/httpd -k start
daemon   27701 24152  0 10:10 ?        00:00:01 /opt/apache/bin/httpd -k restart
daemon   28107  1651  0 Dec20 ?        00:00:01 /opt/apache/bin/httpd -k start
daemon   29169  1651  0 Dec05 ?        00:00:31 /opt/apache/bin/httpd -k start
daemon   29312  1651  0 Dec20 ?        00:00:03 /opt/apache/bin/httpd -k start
daemon   31461 24152  0 11:34 ?        00:00:00 /opt/apache/bin/httpd -k restart
daemon   31917  1651  0 Dec20 ?        00:00:30 /opt/apache/bin/httpd -k start
8

There appear to be two running httpd processes:
PIDs 1651 and 24152:

1651 all say "start"
24152 all say "restart"
I'm not sure how they should look.

But if you can restart/reboot the entire system OR kill both of those processes and restart apache, the problem might go away.

3 Likes
9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.