Help: SSL Certificate Expired

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

www.communityilab.ca

I ran this command:

Typed URL into browser

It produced this output:

Your connection is not private

Attackers might be trying to steal your information from communityilab.ca (for example, passwords, messages, or credit cards).

NET::ERR_CERT_DATE_INVALID

Back to safetyHIDE ADVANCED

This server could not prove that it is communityilab.ca ; its security certificate expired 3 days ago. This may be caused by a misconfiguration or an attacker intercepting your connection. Your computer’s clock is currently set to Friday, January 3, 2020. Does that look right? If not, you should correct your system’s clock and then refresh this page.

Hosting Provider is AWS who redirected me here.

1 Like

Sure enough, your certificate expired on January 1. The good news is that your expired certificate is issued by LetsEncrypt, so renewing might be easy enough. If you have the capacity to log on as root to your server, you can issue the command
#certbot renew
and see if that does the trick.

If that doesn’t work, please report back with the actual OS information for your virtual server; the command is
#uname -a

If you don’t have root access, you will need to find someone who does.

1 Like

Hello,

Thank you for your response! I tried to run the command and this was the error message that came up:

"Attempting to renew cert (communityilab.ca) from /etc/letsencrypt/renewal/communityilab.ca.
conf produced an unexpected error: The manual plugin is not working; there may be problems
with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-ho
ok when using the manual plugin non-interactively.’,). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/communityilab.ca/fullchain.pem (failure)

"

do you know how to resolve this error?

1 Like

Hi @iLab

checking your domain there is a wildcard certificate - https://check-your-website.server-daten.de/?q=communityilab.ca#ct-logs

Issuer not before not after Domain names LE-Duplicate next LE
Let’s Encrypt Authority X3 2019-10-03 2020-01-01 *.communityilab.ca, communityilab.ca
2 entries
Let’s Encrypt Authority X3 2019-08-11 2019-11-09 communityilab.ca, www.communityilab.ca
2 entries

So you have to use dns validation.

Creating these certificates you may have created a TXT entry manual.

So do that again. renew doesn’t work with a manual action.

1 Like

It appears that either your system (certbot) configuration is
broken, or else has not been set up. that talks about how to do a manual (first-time)
certificate acquisition. I recommend that to get past your
immediate problem, and then I recommend reading on the certbot.org
site about the various ways that you can automate the certificate
renewal. By far the most popular are and methods, because the most common use of certificates is to support
https://

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.