Installed Let's Encrypt SSL not showing HTTPS


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.mca.ac.ug

I ran this command:
I used instructions from this video https://www.youtube.com/watch?v=WqCk9dVLoPw

It produced this output:
Successfully installed certificate but website still shows insecure on many browsers

My web server is (include version):
Apache. Shared webhosting

The operating system my web server runs on is (include version):
NGINX

My hosting provider, if applicable, is:
eUKhost LTD

I can login to a root shell on my machine (yes or no, or I don’t know):
NO

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
cPanel 76.0.18

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
Not Sure


#2

did you install ssl chain ? fullchain,pem


#3

There is a cert mismatch: https://www.ssllabs.com/ssltest/analyze.html?d=www.mca.ac.ug

[one site is using another sites’ cert]


#4

you can try -d *.mca.ac.ug -d mca.ac.ug


#5

Three things wrong with that:

  1. Always use quotes around asterisks; so: -d "*.mca.ac.ug" -d mca.ac.ug
  2. The mismatched cert is from a completely different domain (“milima.org”), so a wildcard cert won’t change anything.
  3. Wildcard certs would require changing the authentication method to DNS.

#6

I followed every instruction on that video so I can’t tell what went wrong. I also need to be honest, I am quite novice when it comes to SSL installations. Is there a site which offers step by step instructions on how to install SSL by Lets Encrypt for Wordpress website. Please note that I have no access to root but I have access to cPanel. Thanks again.


#7

I’m not familiar with cPanel.
But I do see that your sites works without the “www”: https://www.ssllabs.com/ssltest/analyze.html?d=mca.ac.ug&latest

So, perhaps, you just need to include the www as an alias and get a new cert that contains both names: “mca.ac.ug” & “www.mca.ac.ug”


#8

No need to put “” on wildcard domain . I didn’t see milima,org . just checked www.mca.ac.a=ug. :smiley:


#9

Is there a site which would give me step by step instructions so that I don’t repeat the same mistakes. Also, how do I deal with the stray domain milima.org?


#10

Please don’t say that.
Even if it works on your system that will NOT work on all systems.


#11

Hm . that is correct .


#12

The Internet is full of information, so I guess yes there is.
But I don’t use cPanel and don’t know of any particular site.

That is not something you need to “fix”.
It is a side effect of the web server looking for a name that it can’t serve.
So it serves the first/default site that matches the type of request (https).
You “fix” it by providing cPanel a way to know where “www.mca.ac.ug” is.