Buenas, genere un certificado el cual se venció.
Trate de generar otro para estas direccion beautysalome.com *.beautysalome.com, todo funciono perfecto, eso lo hice en https://zerossl.com pero no me genero el domain-key y repetí el proceso varias veces, ahora no me deja generar certificados para esa dirección, cual seria la solución para ese caso.
Me Dice que hay demasiado certificados para esa direccion.
Hi @rastafarey
you have created 5 identical certificates ( https://check-your-website.server-daten.de/?q=beautysalome.com ):
| CertSpotter-Id | Issuer | not before | not after | Domain names | LE-Duplicate | next LE |
|---|---|---|---|---|---|---|
| 929859429 | CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US | 2019-05-25 00:27:07 | 2019-08-23 00:27:07 | beautysalome.com, www.beautysalome.com | ||
| 2 entries | duplicate nr. 1 | |||||
| 929011703 | CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US | 2019-05-24 10:12:16 | 2019-08-22 10:12:16 | *.beautysalome.com, beautysalome.com | ||
| 2 entries | duplicate nr. 5 | next Letsencrypt certificate: 2019-05-31 09:10:55 | ||||
| 928998348 | CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US | 2019-05-24 10:00:43 | 2019-08-22 10:00:43 | *.beautysalome.com, beautysalome.com | ||
| 2 entries | duplicate nr. 4 | |||||
| 928968141 | CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US | 2019-05-24 09:35:47 | 2019-08-22 09:35:47 | *.beautysalome.com, beautysalome.com | ||
| 2 entries | duplicate nr. 3 | |||||
| 928965560 | CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US | 2019-05-24 09:32:43 | 2019-08-22 09:32:43 | *.beautysalome.com, beautysalome.com | ||
| 2 entries | duplicate nr. 2 | |||||
| 928943510 | CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US | 2019-05-24 09:10:55 | 2019-08-22 09:10:55 | *.beautysalome.com, beautysalome.com | ||
| 2 entries | duplicate nr. 1 |
And you use one certificate that is 90 days valid:
CN=www.beautysalome.com
25.05.2019
23.08.2019
expires in 90 days
beautysalome.com, www.beautysalome.com - 2 entries
But you have a loop:
| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| • http://beautysalome.com/ | ||||
| 107.180.4.79 | 301 | https://beautysalome.com/ | 0.220 | A |
| • http://www.beautysalome.com/ | ||||
| 107.180.4.79 | 301 | https://www.beautysalome.com/ | 0.223 | A |
| • https://beautysalome.com/ | ||||
| 107.180.4.79 | 302 | http://beautysalome.com/ | 2.063 | F |
| • https://www.beautysalome.com/ | ||||
| 107.180.4.79 | 302 | http://www.beautysalome.com/ | 1.243 | F |
http redirects to https, https redirects to http.
So it’s impossible to use your site.
You don’t need a new certificate. You have to remove the redirect https -> http.
As outlined in the FAQ at ZeroSSL - if you are using your own or previously generated CSR, your domain key will not be shown on the last step (it is physically impossible to “extract” your key from CSR and show it anyway). It will be the same as you already have (from when you have generated that CSR), so just use your previously received domain key with the new certificate. If you have lost the key, you just need to generate a new CSR (either by yourself or by letting your browser to generate one when you enter domain names on ZeroSSL).
Edit: I misread the above comment
Please read the above carefully - what we are talking about there is the private key.
Edit: changed the wording in my previous comment for more clarity 