I can't log in to my Website when I use mobile network

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.newoption.com.au

I ran this command:yes

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: crazy domain

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

2

Is there any reason you believe your problem has anything to do with Let's Encrypt? Because nothing in what you posted suggests this in any way. Please explain why you think Let's Encrypt is involved.

I'm able to reach your site, it properly redirects to HTTPS, and it has a valid certificate that is not from Let's Encrypt. I can't imagine how you think whatever problem you're having has anything at all to do with Let's Encrypt.

5 Likes
3

Hi @Isuru, and welcome to the LE community forum :slight_smile:

I don't understand how we can help you with a login problem.
Please provide more details that might shed some light on the problem.

3 Likes
4

That part did not occur for me when visiting the www hostname via HTTP. I was not redirected to HTTPS. Loading the www hostname directly over HTTPS returned NET::ERR_CERT_COMMON_NAME_INVALID

Identical results occurred using the apex name.

This is most likely due to the A and AAAA records pointing to different hosts. My network prefers IPv6 and was sent to a host that has a Let's Encrypt certificate that covers six cPanel related hostnames in the same domain, but not the apex or the www.

Regardless, this appears to be something that the site's hosting provider would need to fix.

2 Likes
5

Was that via IPv4 or IPv6?

Name:      newoption.com.au
Addresses: 2404:8280:a222:bbbb:bba1:57:ffff:ffff
           43.250.251.20
Aliases:   www.newoption.com.au
2 Likes
6 
curl -Ii4 www.newoption.com.au
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 19 Apr 2024 13:52:43 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 208
Location: http://newoption.com.au/

curl -Ii6 www.newoption.com.au
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 13:52:53 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.2.11
Upgrade: h2,h2c

curl -Ii4 newoption.com.au
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 19 Apr 2024 13:53:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 209
Location: https://newoption.com.au/

curl -Ii6 newoption.com.au
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 13:53:14 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.2.11
Upgrade: h2,h2c
1 Like
7

The IPv4 connection uses a proper cert but one issued by USERTRUST Network

The IPv6 connection, as @linkp notes, uses an LE cert but which does not contain the correct domain names.

They point to very different servers.

The mobile connection probably uses IPv6 so gets the wrong one

@Isuru See the results at SSL Labs
https://www.ssllabs.com/ssltest/analyze.html?d=newoption.com.au&hideResults=on

4 Likes
8

:wink: :beers: :wink:

3 Likes
9

image

4 Likes