ERR_CERT_INVALID for Node + Express + Raspberry Pi

My domain is:

I ran this command: sudo certbot certonly --webroot -w ./public/ -d

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Starting new HTTPS connection (1):
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/

My web server is (include version): Node (4.2.1) + Express (4.14)

The operating system my web server runs on is (include version): (Raspberry Pi Debian Jessie)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no


This message means you've already got a certificate with the same domain name..

Can you please run sudo certbot certificates and see if there's any certificate that contains this name & not expired yet?

If so, you could just use that certificate.

Thank you

Hi @oriharel

your http - version works. But your https - version has a timeout. So I can't test your website.

You have a lot active certificates:;include_subdomains:false;

Normally, you need only one or two. And you have created 4 new certificates today.

After running this command I get this:

Found the following certs:
Certificate Name:
Expiry Date: 2018-12-07 11:30:28+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/
Private Key Path: /etc/letsencrypt/live/

So I have a certificate that is not expired yet.

From my Express app - I can’t access the .pem files. So what I did is I copied them into another folder, chown them for the user that runs the web server (pi) and point my Express app to that.
I even run
openssl verify -CAfile chain.pem cert.pem
and that returns OK.

So why is in error with ERR_CERT_INVALID?

I know it has a time out - this is why I’m asking for help here. About the multiple active certificates - this is me trying to troubleshoot this situation.
Everything seems to be configured correctly but still returns an error with ERR_CERT_INVALID

Your webserver

what is that? Apache, nginx? Or another software?

And why is the certificate invalide? Wrong domain? Self signed?


Can you please check if there's an firewall issue?

Since my scanner told me there's a firewall issue or that port is filtered by your ISP...

Only port 22 & 80 is open...

I'm not exactly sure... Since i can't even connect to your server...

Thank you

It's Express :smile:

Worked https earlier? Or is this the first time you want to activate https?

Did you created something like that?

PS: Now I am able to connect via https - MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT

You’re correct! I didn’t port-forwarded 443!! now it works, thanks!!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.