Lets encrypt broke my website

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.paulsheehanca.co.nz

I ran this command: lets encrypt

It produced this output: The page isn’t redirecting properly

My web server is (include version): 1st domains

The operating system my web server runs on is (include version): I have no idea

My hosting provider, if applicable, is: 1st domains

I can login to a root shell on my machine (yes or no, or I don’t know): don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):??

I tried to install the lets encrypt through plesk.
but it didn’t work properly. There are no instructions
firefox shows the error saying it didn’t redirect properly
Internet explorer says there is a problem with the certificate
On plesk it says remove dns record failure
Why? I was trying to install ssl not remove any dns records
I tried removing the certificate but I get this error
Unable to remove SSL/TLS certificates. One or more certificates are used by websites.

Hi @Ford

where did you run that command?

There are two errors ( https://check-your-website.server-daten.de/?q=paulsheehanca.co.nz ):

You have created one certificate with only one domain name:

expires in 90 days	paulsheehanca.co.nz - 1 entry

So the certificate doesn't work with your www version.

Plesk has a checkbox to add the www version, use that.

And you have wrong redirects:

Domainname Http-Status redirect Sec. G
http://paulsheehanca.co.nz/ 301 https://www.paulsheehanca.co.nz/ 0.593 E
http://www.paulsheehanca.co.nz/ 301 https://www.paulsheehanca.co.nz/ 0.610 A
https://paulsheehanca.co.nz/ 301 https://www.paulsheehanca.co.nz/ 2.984 B
https://www.paulsheehanca.co.nz/ 301 https://paulsheehanca.co.nz/ 3.314 N
Certificate error: RemoteCertificateNameMismatch

http -> https are ok.

But your https non www redirects to https + www, that redirects back to the https + non-www version.

So it's impossible to use your site.

How did you create these redirects? Remove one of the https -> https redirects.

1 Like

Sorry I have no idea what you are meaning
I tried to remove it but I can’t do that either
Unable to remove SSL/TLS certificates. One or more certificates are used by websites.

To be perfectly clear: Let’s Encrypt didn’t break your site! Let’s Encrypt is just a Certificate Authority from which you can get free and publically accepted TLS certificates.

As you have used Plesk to enable HTTPS and afterwards your site broke, it is Plesk which has broken your site!

So the solution is also in Plesk. Not Let’s Encrypt.

Further more, if you would like to have the help from this Let’s Encrypt community of volunteers, you’re not giving us much to work here. So you’re saying (in your second post) you clicked on some buttons in Plesk. Which version of Plesk? Which button(s)? Do you have screenshots? Did it give you some kind of feedback? If so, what is the litteral copy/paste of that feedback? Or even better, another screenshot?

I just think it will be best to try and remove it.
I will try and contact plesk.
I don’t know what version of plesk.
Its done thought 1st domains.

I managed to remove it
But still cannot access the website

now when I go to the website it immediately diverts to 1stdomains website

Website is working now managed to remove the cert
I will contact plesk

I spoke to 1st domains and they got the website going and told me I need to install a plugin called Really simple SSL. When I first go to the website I get a bad cert domain error on Firefox. On IE it says continue to this website not recommended. 1st Domains did something to get it going initially but now I have to tell new visitors that the first time they visit the website they are going to get that error. That doesn’t seem right. I think 1st Domains turned on the SSL. I logged back into Pleask and under Websites and domains the security certificate still says Lets encrypt.

1 Like

Looks like you use that plugin incomplete.

Your connections ( https://check-your-website.server-daten.de/?q=paulsheehanca.co.nz ):

Domainname Http-Status redirect Sec. G
http://paulsheehanca.co.nz/ 301 https://paulsheehanca.co.nz/ 0.597 A
http://www.paulsheehanca.co.nz/ 301 https://www.paulsheehanca.co.nz/ 0.644 A
https://www.paulsheehanca.co.nz/ 301 https://paulsheehanca.co.nz/ 3.143 N
Certificate error: RemoteCertificateNameMismatch
https://paulsheehanca.co.nz/ 200 3.697 B

The www version isn't secure, the non-www version is ok.

Reason: Your certificate has only one domain name:

expires in 82 days	paulsheehanca.co.nz - 1 entry

Create one certificate with both domain names (non-www and www) and use that.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.