Help (still not secure after renew the website)

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.cutefigurehk.com

I ran this command:
i browse my url, then it show the website has an expired certificate. however, i have renew it already. the new expired day is 2020-12-09
then i check on whynopadlock, it shows “You have an invalid or missing intermediate (bundle) certificate. This may not break your padlock on all browsers, but will on others. Please contact your SSL Vendor for assistance with this error.” and “You currently have TLSv1 enabled.
This version of TLS is being phased out. This warning won’t break your padlock, however if you run an eCommerce site, PCI requirements state that TLSv1 must be disabled by June 30, 2018.”

My web server is (include version):

The operating system my web server runs on is (include version): IOS

My hosting provider, if applicable, is: google cloud

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Please answer all the questions to the best of your knowledge. If your knowledge is insufficient to answer the question, please say so at the question.

Also, how did you obtain the certificate in the first place and how did you renew it? This is important information. because crystal balls are a myth and we can’t just guess what’s wrong with your system.

And another thing: you’ve renewed your certificate five times today! If it didn’t work the first time, there’s no reason to do the same again after again: without proper intervention, it will keep failing. Now you’re going to hit the 5 exact same hostname per certificate per week rate limit. I hope you still have those certificates and private keys around!

1 Like

Perhaps try restarting your webserver so the new certificate can be loaded?

i install it on google cloud ssh in the first time , then it expired 2 days ago. i just follow the YouTube to renew the ssl on ssh . (just copy the command) and try too many times. i have no knowledge about install , i just follow what he did…

Here’s a link to the ca bundle (intermediate certificate) you need:

https://letsencrypt.org/certs/letsencryptauthorityx3.pem

As I’ve said before, crystal balls don’t exist! Please be more informative:

But how did you do that? I have absolutely no idea what that means. SSH is just a method of communication with the server. What commands did you run?

The YouTube? What YouTube video are we talking about?

Oh @Osiris, don’t you know there is only ONE video on youtube! - LOL

1 Like


https://www.ranasvfx.com/install-free-ssl-certificate-bitnami-wordpress-on-google-cloud-platform/

i follow it

Are you using Bitnami?

If so, that guide is not the proper way to install a Let’s Encrypt certificate on Bitnami. Don’t use certbot, it will mess things up. Please follow the Bitnami guide: https://docs.bitnami.com/google/how-to/generate-install-lets-encrypt-ssl/

2 Likes

umm i think it is yes

thx let me try it…