Need to renew a client cert - don't have login

Thank you so much, I will give that a try!!! Appreciate it!!

1 Like

You do realize I'm in Europe, right?

Wait. What host?


Just FYI, we are volunteers who offer our own time and experience. There is a small paid Let's Encrypt staff but our work here allows them to focus on other matters.

Can you post the steps the host provided to you for getting a cert? Or point us to a link where those are?

There is a large variety of ways to get certs and install them. Any details would help us focus on the items you need.


A new what?

Is there a link you can provide?

I've read nothing rude (yet) in this topic.

We are as ignorant as you.
Unfortunately, in order for anyone here to help you, questions must be answered.
If you don't know the answers, please realize that there is no one-size-fits-all solution.
There are many ACME clients for many operating systems.
There are multiple ways to configure ACME clients to obtain and renew certs.
There are many control panels that can automate certificate renewals (or impede external/manual updates).
There are many different programs that can use certificates and may have problems with different types of certs.
And lastly, we are just people, just like you.
We are NOT employed by LE. “I’m not only the Hair Club president, I’m also a client.” LOL
We too use LE (and help each other to overcome related issues as they come up).
We are here to help, but that's not always as easy as it sounds.

[posted 11:18pm Friday]


Taking a step back here, if you don't know how to setup SSL certificates why are you helping your client at all? Are you a web developer - if so, learn about certificates and how to administer certificates. Use your own domain and setup a test system, learn how to setup a certificate.

If you don't know how to do this stuff don't try to do it for someone else (on their production system) until you've figured it out.

I realise you've come for help but unfortunately you've jumped in with the attitude that someone here owes you an explanation of how this all works. The reality is there are 100 ways the certificate could have been setup.

Regarding the 'expired root' this is the standard Let's Encrypt DST Root CA X3 certificate chain and it has indeed expired, but if your system (the one you are browsing with) has the ISRG Root X1 certificate in it trusted root certificates store then it will use that instead (it's part of the "chain"). The chain itself is valid and is the default in order to remain compatible with older android browsers etc. Basically the computer you are browsing from is getting it's assessment of the certificate validity wrong, possibly because it's not properly up to date. Use Firefox or update your computer.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.