Need to renew a client cert - don't have login

You obviously need to have some access to the site. Maybe a control panel?

Let's Encrypt does not have access to your site nor can it somehow renew the certificate on its own.

4 Likes

Whoever created the site got it. I can send you a screen shot of the certs if that will help

It is expiring in 23 days. However, it says it has an expired root and the site can not be accessed.

I’m sorry, I don’t even know what those questions mean. I have never dealt with SSL before. I would answer them if I could but perhaps the cert numbers will help

Ok, if you don't know how it was created you need to check if there's an acme client somewhere.

It doesn't. It says it's revoked. I'll go out on a limb and say it's a bitnami wordpress. Read here if it is:

Good to know. Doesn't help tho!!

Someone else created the site for my client. The client knows nothing about it. I know nothing about it. I can just go somewhere else and buy a new one I guess.

Guess I'll go somewhere else then. Thanks

I can access the site through WP admin. Except I can't get in because it says there's an issue with the root cert so it's blocking me.

That website lives on a virtual machine inside somebody's Amazon Web Services account. This somebody is paying for the machine and has access to it. You must discover who this is or there is nothing you can do about the certificate or website.

1 Like

Can't I just get a new one somewhere else?

If you want to replace the entire website, you can point the domain name to a different IP address.

Assuming you have access to the DNS panel for that domain name.

1 Like

Why would I need to replace the website? I know where it's hosted and have access to the back end of the site.

Ok, do you have access to the shell of the machine hosting the website?

Because that's what you need to replace/renew that certificate, using the procedure I linked above.

1 Like

Those browser warnings can be overridden. Click on "advanced" or something similar and make an exception.

Getting a certificate usually is the easy part. Without access to your sites configuration (shell access as root or a control panel), you won't be able to actually install the certificate. Heck, you could buy a new certificate for many $$$, but you won't be able to use it. So with that in mind, it doesn't matter whether you get a new LE cert or go somewhere else.

2 Likes

Unless HSTS comes into play, I guess. (search "bypass hsts in «yourbrowser»" if you don't see where to add the exception -- and immediately forget how to do this)

1 Like

You know, I've never dealt with an SSL cert before, and I'm following the instructions and the link that the host gave me and told me to follow. I might as well be in a foreign county, because I know nothing about this. Either does my client. It's past 7:30 on a Friday night and I've been trying to get this solved all day. So I'd really appreciate it if you kept your sarcasm to a minimum. I came here for help because there's no way to contact an actual person and explain what has happened. I am admittedly completely ignorant, but I didn't ask for this problem to fall in my lap. It did. Instructive help would be appreciated. If there is none, there is none. I'll solve it some other way. But don't be rude.

Thank you so much, I will give that a try!!! Appreciate it!!

1 Like

You do realize I'm in Europe, right?

Wait. What host?

2 Likes

Just FYI, we are volunteers who offer our own time and experience. There is a small paid Let's Encrypt staff but our work here allows them to focus on other matters.

Can you post the steps the host provided to you for getting a cert? Or point us to a link where those are?

There is a large variety of ways to get certs and install them. Any details would help us focus on the items you need.

3 Likes