How i'll get free ssl life time


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:ctest.ndprojects.co.in

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#2

How ill get free ssl life time

You can’t get a trusted certificate of more than 2 years with any Certificate Authority:

The CA/Browser Forum, an industry body made up of Certificate Authorities (CAs), web browsers and operating systems, recently passed ballot 193 to reduce the maximum validity period for SSL/TLS Certificates to two years

Let’s Encrypt certificate are valid 3 month, but you always can renew when they expire (as long as you control the domain)

More details: https://letsencrypt.org/2015/11/09/why-90-days.html


#3

Hi, Tdelmas,

How much I need to pay to renew for every month or year?


#4

ZERO.
LE certs are free.

They will accept donations if you are inclined to pay for them.


#5

Donating (or anything else for that matter) won’t change the Let’s Encrypt certificate lifetime though, it’s fixed. No exceptions.


#6

Can you plese suggest how to renew ssl in ubuntu xenial.


#7

For that you need to fill a little more the question:

Because it’s depends of the software you used to create the certificate.

The renew of a certificate is essentially the same as the creation, it will just check a few more things:
The software will probably not renew the certificate if it’s less than two month old (because it’s unnecessary and to avoid hitting rates limits)


#8

I used git hub for ssl creation.


#9

You mean you use GitHub pages for your domain?

https://help.github.com/articles/securing-your-github-pages-site-with-https/

So if I’m not mistaken, GitHub took care of the creation, and will take care of the renewal when needed.

The renewal will probably happen one month before the expiration (so 2 months after the creation). If 20 days before the expiration the certificate is not renewed, then there is probably a problem somewhere. (Let’s Encrypt sends renewal emails remember 20 days before the expiration, but you will not received them as GitHub created it for you)


#10

I used this “git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt” and after cloning i run this command “./certbot-auto certonly --standalone”


#11

In my Let’s encrypt folder I have “certbot-auto” file can i run this file.


#13
cd /opt/letsencrypt
./certbot-auto renew

Should take care of it.


#14

Bit it giving this error how can i fix it.
1.“Attempting to renew cert (ctest.ndprojects.co.in) from /etc/letsencrypt/renewal/ctest.ndprojects.co.in.conf produced an unexpected error: Problem binding to port 443: Could not bind to IPv4 or IPv6… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/ctest.ndprojects.co.in/fullchain.pem (failure)”

2.443 port running on Nginx.


#15

You probably need to run that with sudo:

sudo certbot-auto renew

#17

My SSL was renewed but in SSL checker it’s showing it will expire in 8 days but on my server, its showing expires date “2018-08-28”.
can you please conform it will renew or not.ssl


#18

You may need to restart your web server to pick up the new certificate.


#19

I did but still its not reflecting.
kindely check this url: https://www.sslshopper.com/ssl-checker.html#hostname=https://ctest.ndprojects.co.in/


#20

Here is another point of view:
https://www.ssllabs.com/ssltest/analyze.html?d=ctest.ndprojects.co.in
Which also shows:
Tue, 28 Aug 2018 05:14:16 UTC (expires in 2 months and 28 days)

Your previous cert will expire in 8 days.
See:
https://crt.sh/?q=ctest.ndprojects.co.in
https://crt.sh/?id=351027540 shows:
Validity
Not After : Jun 7 09:33:12 2018 GMT


#21

Hi,

These results were cached from May 29, 2018, 2:52 am PST to conserve server resources.
If you are diagnosing a certificate installation problem, you can get uncached results by clicking here.

As you can see from the small black print of the page…

You’ll need to see your certificate expiry date on the real website, crt.sh or ssllabs.com… not rely on a website that offer free service but mainly sell certificates (I’m not saying sslshopper or other kinds are not correct… Just please believe in yourself… Since your server is serving the renewed certificates…)

Thank you


#22

Specifically, you can check the current certificate on your site by running this command:

openssl s_client -connect ctest.ndprojects.co.in:443 -servername ctest.ndprojects.co.in -showcerts </dev/null| openssl x509 -text -noout

You can also visit the site in Chrome and hit F12 to open the developer console, then click on the “Security” tab and hit “View certificate.”