My site showing not secured in for some users

so how to solve it ?

From here SSL Server Test: (Powered by Qualys SSL Labs)

I highly suggest stop offering this EXPIRED Certificate #2 as None SNI will possible us it.

1 Like

Actually I disagree; I believe the certificate was updated to this | 11852165767 one
Valid from Wed, 24 Jan 2024 09:41:45 UTC |

1 Like

actually i had the certificate that was valid till march 2024 which i renewed on december 2023. Since it showed the "not secured" issue i renewed it again today afternoon

Did you just make a change? Because I was getting a failure using HTTPS with curl to your site but now the connection works.

But, your server redirects the HTTPS request to HTTP which is poor practice and browsers may warn about.

And, the HTTPS connection is using a cert from Do you know what that is?

I think you should start be rebooting your server. And, please let us know what operating system and version and openssl version you have. I don't see any problems with your certs but likely problems with ciphers or other server config.

Your nginx says it is 1.4.6 which is like 10 years old.

curl -i
curl: (56) OpenSSL SSL_read: error:0A000126:SSL routines::unexpected eof while reading, errno 0

# and just 1 minute later connection works but wrong cert
curl -i
curl: (60) SSL: no alternative certificate subject name matches target host name ''
More details here:

# Is this cert
subject=CN =
issuer=C = US, O = Let's Encrypt, CN = R3
notBefore=Dec 19 09:05:48 2023 GMT
notAfter=Mar 18 09:05:47 2024 GMT

Well to start with, to help other more knowledgeable Let's Encrypt community volunteers to assist,

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version): nginx/1.4.6 (Ubuntu)

The operating system my web server runs on is (include version): ? Ubuntu

My hosting provider, if applicable, is: ? DIGITALOCEAN

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Thank you for assisting us in helping YOU!

1 Like

Your system is very unstable. I suggested restart and still do.

Here's one response I saw. Note a connect to recruitopen on HTTPS but it redirected to ww12 subdomain as HTTP

And, nginx version for ww12 is 1.10.3 but your other nginx is 1.4

curl -Ik
HTTP/1.1 302 Found
content-length: 0
cache-control: no-cache

That is the issue ,I havent made any changes. i dont no why its using the certificate from . It keep on changing . sometimes the site opens smoothly but then sometimes its shows as not secured

Who hosts your server? Something has obviously changed.

I get a valid TLS connect (using cert) from openssl on my own system but yet curl fails. Makes me think of something like a changed openssl version on your system. Or some other operating system component.

echo | openssl s_client -connect  | (head -20)
Certificate chain
 0 s:CN =
   i:C = US, O = Let's Encrypt, CN = R3
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Jan 24 09:41:45 2024 GMT; NotAfter: Apr 23 09:41:44 2024 GMT

# yet curl right after that fails
curl -i
curl: (56) OpenSSL SSL_read: error:0A000126:SSL 
routines::unexpected eof while reading, errno 0

This shows "old / weak connection"

1 Like

How to rectify it?

I don't know. Your problems don't look related to Let's Encrypt certs

Sounds like your problems started before you got your fresh certs today. Look at all the recent changes to your system. Consult with your hosting company. Or, consult a server or networking specialist.


I am guessing DIGITALOCEAN-143-110-128-0 ARIN Whois/RDAP - American Registry for Internet Numbers

1 Like

Yes , i got the fresh certificate assuming that its the issue to ssl certificate as the brower showed insecure connection

I suggest starting by contacting Digital Ocean

ICANN shows:

1 Like

Thank you , I will contact digital ocean


Found this topic just now myself looking for when I got cert errors on some of my stuff. I self-host everything with a certbot docker image to renew my certs. I got several cert error popups about mismatching hostnames on some of my stuff. I'm also getting the same issue for all my domains under the cert, also issued in December. I forced it to do a renew on the certs and it seems fine, but it's still weird. I wonder if certbot had an issue and gave everybody certs for that domain? Googling on it I see a bunch of SSL reports of random domains with that as the cert name.

Alternatively I guess it could be a DNS issue, I wonder if some root server somewhere started resolving hostnames to the wrong place. Sadly I didn't keep any of the error popup contents that had cert details, I'll see if I can dig them up.

Actually, I just figured out the issue I'm pretty sure. Both my domain and are registered with Namecheap. My autorenew failed and my domain was close to expiration (today, actually), and it looks like Namecheap helpfully starts randomly redirecting nearly-expired domains to various sponsors and parking websites informing about the impending expiration. Once I renewed my domain all the weirdness went away and it's back to normal. I'd guess my manual renewing of my certs didn't actually do anything and was coincidental with the random redirection Namecheap does.

Of course, with any sort of sensible certificate validation turned on, things get very cranky when an https URL redirects to an unexpected location, and I'd guess apnigiftshop[.]com is one of the sponsors it redirected to. Not sure how I feel about that, I wonder if I can disable that redirection with Namecheap.

1 Like

I think this should be the issue, my domain is about to expire or probably has expired and it's from namecheap too. Got that apnigiftshop message and certbot notification.

@Scoth42, @smyja

Be warned:

VirusTotal - URL

That site might be malicious.