Need help checking validity of website

Help
1

Hello,

I manage boston-micro.com. A Weebly website using Network Solutions for domain and DNS management. I can see we're suddenly having SSL issues and I'm struggling to find the original certification that was installed.

From what I can tell, the original SSL certificate is from Let's Encrypt

see here: crt.sh | 14487654212

Looks like it wasn't valid after Dec 8 2024.

Authority Information Access:
OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/

X509v3 Subject Alternative Name:
DNS:boston-micro.com
DNS:www.boston-micro.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1

Can you please confirm there was an SSL certificate logged for Boston-micro.com and if it's expired now?

2

The data you see on crt.sh looks correct. I see 31 certificates issues for boston-micro.com, ranging from 2018-2024. crt.sh | 14487654212 is the latest one, which expired on 2024-12-08 10:14:06 GMT (I cross-checked with censys data, as crt.sh sometimes has high backlogs).

5 Likes
3

Thank you much! I'm assuming the fix is as easy as buying new SSL product from Namesake and updating DNS records.

1 Like
4

Rather curiously, this is what I see when I visit your website:

742Ă—915 78.7 KB

It could be that my country is blocked, but it does show “access weebly.com” for some reason. I suspect all of the technical aspects (including TLS certificates) are handled by Weebly? You should probably contact their support for help.

(Though it's rather strange seeing a domain using Cloudflare that doesn't have a valid certificate. I realize that weebly likely has an Enterprise plan with CF, but still)

3 Likes
5

The best course of action here is to engage with Weebly support.

4 Likes
6

Thank you everyone. Unfortunately Weebly has been very unhelpful and I'm unable to change any SSL settings directly in Weebly admin settings. Will keep trying them

1 Like
7

Point them to:
https://www.ssllabs.com/ssltest/analyze.html?d=boston-micro.com
openssl s_client -connect 199.34.228.67:443

4 Likes
8

ALSO, just want to thank everyone. I've never posted in here before and you were all way more helpful than any support team i've chatted w/ this week

5 Likes
9

Let's Encrypt certificates are FREE of charge. While it's allowed to charge :moneybag: for the service of getting such a free certificate from Let's Encrypt and use it for your website, most of us volunteers frown upon that. Most hosting providers offering Let's Encrypt certificates do so free of extra charge.

10

ok, thanks Osiris. As i said above, i had never used Let's Encrypt before. It was set up before I managed the website. But i will look into it

1 Like
11

The "usage" of Let's Encrypt differs enormously. Let's Enrypt themselves only offers an "application programming interface" ("API") and it's possible to interface with that API in many different ways (from a user perspective). For most users, it's simply done automatically by the hosting provider: they don't have to care about it entirely. For other users it's just a single click in their control panel. More advanced users run their own program, called a "client" on their server they manage themselves manually. Other users are not so lucky and are stuck with a hosting provider not or barely supporting Let's Encrypt with terrible service or even asking money for it.

So there are many "flavours" of how to use Let's Encrypt, depending entirely on the specific situation.

3 Likes
12

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.