Localhost certificate duplicates with Let's Encrypt

pancake · February 4, 2019, 5:03am

I ran this command: https://www.newtricksinfo.com/install-wordpress-vultr-free-lets-encrypt-ssl/#How_To_Install_Free_Let8217s_Encrypt_SSL_Certificate_On_A_WordPress_Website_Hosted_On_Vultr_VPS

It produced this output: I see a Let’s Encrypt SSL if I check https://www.ssllabs.com/ssltest/analyze.html?d=dutchpancakeevents.com but when i browse through any browser I get the localhost standard wordpress SSL instead of Let’s Encrypt

My web server is (include version): Nginx

The operating system my web server runs on is (include version): Ubuntu 16.04.5 LTS (GNU/Linux 4.4.0-137-generic x86_64)

My hosting provider, if applicable, is: Vulture

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): This is what I get
/usr/lib/python3/dist-packages/ndg/httpsclient/subj_alt_name.py:22: UserWarning: Error importing pyasn1, subjectAltName check for SSL peer verification will be disabled. Import error is: No module named ‘pyasn1’
warnings.warn(import_error_msg)
/usr/lib/python3/dist-packages/ndg/httpsclient/ssl_peer_verification.py:25: UserWarning: SubjectAltName support is disabled - check pyasn1 package installation to enable
warnings.warn(SUBJ_ALT_NAME_SUPPORT_MSG)
/usr/lib/python3/dist-packages/ndg/httpsclient/subj_alt_name.py:22: UserWarning: Error importing pyasn1, subjectAltName check for SSL peer verification will be disabled. Import error is: No module named ‘pyasn1’
warnings.warn(import_error_msg)

Help would be appreciated, I’m so stuck :)!

Osiris · February 4, 2019, 6:20am

I’m not getting a localhost certificate from my point of view, ~~how hard I try~~ through my browser.

Only when I “surf” to your site through OpenSSL without SNI, I’m getting the localhost certificate. But that isn’t that strange. All modern browsers use SNI, so should get the correct certificate.

If you really would like to use the Let’s Encrypt certificate for all browsers and your site (and Let’s Encrypt certificate) is the only one on your server, you could always just remove the localhost-certificate from your nginx configuration.

JuergenAuer · February 4, 2019, 7:49am

Hi @pancake

there is no wrong certificate visible ( https://check-your-website.server-daten.de/?q=dutchpancakeevents.com ):

CN=dutchpancakeevents.com
	04.02.2019
	05.05.2019
	dutchpancakeevents.com, www.dutchpancakeevents.com - 2 entries

Your certificate is valide. But if you use

a local address, you will always see an error because the certificate doesn't match.

That's normal.

rg305 · February 4, 2019, 7:55pm

So the problem may be with your client / web browser.
Which one are you using to get this problem?

system · March 6, 2019, 7:55pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.