Https on website not working


#1

My domain is: http://www.carboncourts.com

I ran this command: https://www.carboncourts.com

It produced this output: your connection is not secure, secure connection failed

My web server is (include version): IIS 10.014393

The operating system my web server runs on is (include version): windows server 2016

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

I an VERY new to SSL certificate installation. But I installed the lets encrypt program and the certificate was stored in the web hosting store. (not sure if that was correct or not?)

My website is working with HTTP but not HTTPS.
I believe I installed the certificate properly.
I have both bindings setup for port 80 and 443.
the router is forwarding https to port 443.
port 443 is listening.

I’m not sure what went wrong. I wasn’t sure if there were any other steps after the certificate installation?

Can someone kindly assist?
Thanks in advance.


#2

Hi,

Although port 443 is listening, there might be a firewall before the server/router…

Please check it (or the ISP)

Querying target system called:

www.carboncourts.com

Attempting to resolve name to IP address…

Name resolved to 24.229.84.29

querying…

TCP port 443 (https service): FILTERED

Thank you


#3

the next issue is that the browser says the site is not secure. that there is a mismatched address.


#4

Hi @annschlough

there is a self signed certificate.

Please share a screenshot of your bindings.

Perhaps there is a default binding, which is wrong.


#5

ok, I think the issue is there are two certificates. one from the CA on the webserver and one from lets encrypt. I
don’t know how to get rid of CA one. I revoked the certificate and now I get a browser error message that the cert is revoked. I just need the www.carboncourts.com cert to be used.


#6

You don’t need to revoke certificates if the private key isn’t stolen.

It’s only the configuration of your https - binding you have to change.


#7

Hi,

Now the certidicate is on the site…

Just one simple question:
Are you sure to use a certificate that contains only the www version of your site?

Thank you


#8

hmm. when I ran the lets encrypt program, should I have put https? I can’t remember if it asked that?


#9

I realized I didn’t need to revoke the certificate afterwards. what is happening is that the correct certificate is not being used. I don’t know how to fix it.


#10

Emm… I’m not sure but the current certificate on your website is a let’s encrypt signed one…and issued on Sept.20 2018.

Also, it’s better to include www and the root domain… Since that would reduce the rate of “domain mismatch error”

Thank you


#11

You have revoked your Letsencrypt - certificate:

This is with Edge.

Same with Chrome:

NET::ERR_CERT_REVOKED

Subject: www.carboncourts.com

Issuer: Let’s Encrypt Authority X3

Expires on: 19.12.2018

Current date: 24.09.2018

So first you need a new Letsencrypt certificate.


#12

Now it works - :wink: :heart_eyes:

https://www.carboncourts.com/

New Letsencryt-certificate, created today.


#13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.