I tried using LetsEncrypt free SSL for the first time on 15 sites I’m working on. I used certbot to install an SSL cert on all 15 of theses sites 2 days ago. Things went extremely smooth and everything was working perfectly. However, it appears that as of this morning, browsers are now displaying an insecure error with the following error: NET::ERR_CERT_AUTHORITY_INVALID
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
Litespeed 5.3.8 (backup Apache/2.4.39)
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
WHM - cPanel
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot):
Could you please logon to GoDaddy cPanel and check the certificate listed in cPanel -> TLS/SSL status?
It seems that now it’s been reverted back to the original self-signed certificate…
that's curious. Checking your domain there is a self signed cPanel-certificate ( https://check-your-website.server-daten.de/?q=realestate.heraldnet.com ):
expires in 352 days
cpanel.realestate.heraldnet.com, webdisk.realestate.heraldnet.com - 6 entries
If you use cPanel, you shouldn't use Certbot directly.
And you have a Letsencrypt certificate with 15 domain names:
||CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
realestate.bainbridgereview.com, realestate.bellevuereporter.com, realestate.federalwaymirror.com, realestate.heraldnet.com, realestate.juneauempire.com, realestate.kentreporter.com, realestate.kirklandreporter.com, realestate.kitsapdailynews.com, realestate.peninsulaclarion.com, realestate.peninsuladailynews.com, realestate.seattleweekly.com, realestate.southwhidbeyrecord.com, realestate.thedailyworld.com, realestate.vashonbeachcomber.com, realestate.whidbeynewstimes.com - 15 entries
||duplicate nr. 1
Perhaps your hoster has updated the cPanel.
Check your cPanel if there is an option to create a Letsencrypt certificate. Then use that.
Also, as @JuergenAuer said, if you are using cPanel, you aren’t supposed to edit / touch Apache / LSWS files directly, as it will not stay unchanged after reboot / restart / reload.
You should try to either obtained the certificate and update it in cPanel interface manually, or use cPanel api to directly update the certificate from command-line.
acme.sh (another third party acme script) have support for cPanel API.
Ok, That makes sense. I will speak with my hosting provider to see if they have a way to set it up within cPanel, as I’m not seeing any LetsEncrypt integration tools in cPanel currently, just the standard, upload/ install a certificate options.
Hosting provider has stated they do not support 3rd Party SSL and cannot provide assistance… is there any documentation on the cPanel route?
Allows your cPanel a manual import? If yes, you can create a certificate via Certbot (with Certonly, without installation) and upload it. But you have to do that every 60 - 85 days.
I was able to download a WHM plugin for Let’s Encrypt. AutoSSL is now set up and everything appears to be working. Thanks for your help!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.