Hello.
I recently moved out of a webhosting company (SiteGround) that used Let’s Encrypt certificates to a new company that does not use Let’s Encrypt.
I also added Cloudflare to my domain and the main problem is I get these 404 not found errors:
Agent info : Mozilla/5.0 (compatible; Let’s Encrypt validation server; +https://www.letsencrypt.org)
SiteGround support told me they removed my certificate from their system, but I still get those errors.
How can I stop this validation process, since I am not using Let’s Encrypt?
As I said, my former webhosting (SiteGround) said they deleted everything about my domain and if I still get those errors I should contact Let’s Encrypt directly.
That’s why I asked here.
Well, someone is triggering a validation. Let's Encrypt doesn't try to validate hostnames on its own: it's always triggered by some ACME client.
If your previous webhost is really the only one who ever tried to validate Let's Encrypt certificates, they didn't clean up properly enough. But perhaps you yourself have experimented back in the day? Perhaps somewhere there's an ACME client still running in a cronjob?
Also, did you receive these 404 errors even before you moved to the other hosting company? Or did it only start around the time you moved?
Try putting a kind of CAA record into your DNS which disallows the Let's Encrypt CA from issuing certificates for your domain. Boulder will stop firing challenge URLs at your host.
If you are using Cloudflare, they might also request Let’s Encrypt certificates on your behalf. I’m not sure what the conditions are here, but there are previous reports of Cloudflare Universal SSL being issued by Let’s Encrypt. (Also supported by their CAA record.)
Are you sure you’ve deleted everything in SiteGround on your end? (Like your domains in the package?)
Now I disabled the cronjob from WordPress, let’s see if this one will work.
I also did a test with www.check-your-website.server-daten.de and in the certifications section I got something interesting:
|CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US
|CN=CloudFlare Inc ECC CA-2, O=“CloudFlare, Inc.”, L=San Francisco, C=US, ST=CA
|CN=“cPanel, Inc. Certification Authority”, O=“cPanel, Inc.”, L=Houston, C=US, ST=TX
|CN=Cloudflare Inc ECC CA-3, O=“Cloudflare, Inc.”, C=US
As you can see, I got SSL from Cloudflare, the cPanel one which is from my current webhosting company, and the Let’s Encrypt one, so my guess is that they just simply deleted the certificate but didn’t revoke the certificate. One will expire at the end of this month and the second one will expire in August.
When I moved out of SiteGround I didn’t delete my files/database/etc… just canceled the subscription as it would expire soon. This is most likely my mistake, I rushed it. I should’ve revoked the certificates first, deleted all my files/db/etc… and then canceled my subscription.
deleting the private key -> nobody can use the certificate -> revocation isn't required
deleting / revoking a certificate doesn't change the wrong running renew job.
You have such a wrong running renew job with your domain name.
May be your old hoster, may be your current system.
That may be the source of your checks. If your WordPress has created certificates and if you move the WordPress to a new server without cancelling that job, that produces renews again and again.
I didn't try that, because I don't want to block anything; these requests should not be happening. I disabled the IPv6 compatibility on Cloudflare and now the errors have IPv4 addresses, mostly from AWS:
No, they shouldn't. So you need to figure out what's causing them. I don't think anyone here can help you with that, though my money's still on your old host.
Or you can ignore them--someone's trying to validate your domain, and it's failing, so they won't get the cert they're requesting. This isn't hurting you at all, unless a few kilobytes of traffic is a problem.
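For the CAA suggestion made earlier in the thread, this added example (not part of any post here) shows how a CA decides from a domain's CAA record set whether it may issue, following the RFC 8659 rules in simplified form. The function names and sample records are constructed for illustration, and `other-ca.example` is a placeholder issuer; `letsencrypt.org` is Let's Encrypt's CAA identifier.

```python
# Added example: simplified RFC 8659 CAA evaluation.
# Not modelled: climbing the DNS tree, CNAME handling, the critical flag.

def parse_caa(rdata):
    """Split '0 issue "ca.example; param=value"' into (flags, tag, issuer)."""
    flags, tag, value = rdata.split(None, 2)
    value = value.strip().strip('"')
    # Parameters after ';' (e.g. validationmethods) are ignored in this sketch.
    issuer = value.split(";", 1)[0].strip().lower()
    return int(flags), tag.lower(), issuer

def ca_may_issue(rrset, ca_domain, wildcard=False):
    """Return True if ca_domain may issue under the given CAA record set."""
    records = [parse_caa(r) for r in rrset]
    issue = [i for _, t, i in records if t == "issue"]
    issuewild = [i for _, t, i in records if t == "issuewild"]
    # issuewild only applies to wildcard names, where it overrides issue.
    relevant = issuewild if (wildcard and issuewild) else issue
    if not relevant:
        return True  # no issue property at all: issuance is unrestricted
    # 'issue ";"' parses to an empty issuer, which matches no CA.
    return ca_domain.lower() in relevant

if __name__ == "__main__":
    # Constructed sample record sets.
    samples = {
        "no CAA records": [],
        "only another CA": ['0 issue "other-ca.example"'],
        "nobody may issue": ['0 issue ";"'],
        "LE plus another CA": ['0 issue "letsencrypt.org"',
                               '0 issue "other-ca.example"'],
    }
    for name, rrset in samples.items():
        print(f"{name:20} -> Let's Encrypt allowed:",
              ca_may_issue(rrset, "letsencrypt.org"))
```

As one reply notes, Cloudflare may request Let's Encrypt certificates on the domain's behalf, so a record set that excludes `letsencrypt.org` would stop those requests as well.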