I used this tutorial in digitalocean to install Letencrypt on my website. everything worked as expected. But now when I try to open my website ( it says the connection is not private.

I searched and found lots of topics but none of them were the case.
when I run sudo letsencrypt certificates, it shows me one certificate for and

Found the following certs:
  Certificate Name:

My DNS records are like this:

A     IP
A     IP

I’m using apache. In the file I see these lines at the end of the file

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/

Help please

Hi @vmohir

you have two certificates, created today:

This is good. But you don't use these. Instead, you have a curious configuration ( ):

Your authoritative nameserver doesn't answer: But there are a lot of ip-addresses: A no
A no
A no
A no
A no
A no
A no
A no
A no
A no
A no
A no

The certificate you use:

CN=*, OU=EssentialSSL Wildcard, OU=Domain Control Validated
	*, - 2 entries

Is this your hoster or another own domain?

And you have a two-step-loop - http redirects to https, https redirects to http.

Looks like this config

isn't used. Did you reload your apache? Is there a standard vHost with the other certificate name?

Yes I had a enabled with this configuration at the end of it:

RewriteCond %{SERVER_NAME} [OR]
RewriteCond %{SERVER_NAME}
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

which I think these are added by certbot because I’ve chosen the option to redirect http to https.

I don’t know about the IPs that is showing as none of them is related the IP of my server which is
I actually don’t know what these are and where I can fix something about these.

and is the website were I got my Ubuntu server from.

I have these configurations enabled in apache:


the first one is the one that I’ve created using this tutorial, and the second one is created by certbot.

First thought, my tool has an error. But rechecking with

there is the same picture: Nameservers from different locations - all see the same block:

Perhaps your hoster has an own CDN.

Do you see your website internal, with your ip?

Oh, what's that? Last week I've added a direct ipv4- and ipv6 - check, tested that with your ip -

There is your certificate:
	02.05.2019, - 2 entries

created today, 90 days valide.

So your ip use your new certificate, but your domain name doesn't use your ip address.

That's completely curious, never seen such a configuration.

Perhaps your hoster has additional options so the certificate must be used with these ip addresses.

1 Like

Oh thanks man you said about CDN and I just tried disabling a CDN option in my hoster panel and now everything is working fine!
the CDN option was something related to the DNS A records.

1 Like

Yep, now I see your ip address:

Host T IP-Address is auth. ∑ Queries ∑ Timeout A yes 1 0
AAAA yes A yes 1 0
AAAA yes

And the loop is gone:

Domainname Http-Status redirect Sec. G 301 0.200 A 301 0.203 A 200 2.120 B 200 2.733 B

Both domains - www and non-www - are now secure.

So your hoster has an official CDN. But that works only without a certificate, so the hoster adds a redirect https -> http, that was the loop.

And that covers the individual ip address of the domain using this CDN.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.