Nodejs HTTP request returns "Error: Certificate has expired"

I have been getting the following error while making request to the server using HTTP Library ever since I switched to letsencrypt SSL Certificate:

Error: certificate has expired
    at TLSSocket.onConnectSecure (_tls_wrap.js:1046:34)
    at TLSSocket.emit (events.js:180:13)
    at TLSSocket._finishInit (_tls_wrap.js:633:8)
Emitted 'error' event at:
    at TLSSocket.socketErrorListener (_http_client.js:395:9)
    at TLSSocket.emit (events.js:180:13)
    at emitErrorNT (internal/streams/destroy.js:64:8)
    at process._tickCallback (internal/process/next_tick.js:178:19)

My certificate are not due for renewal but I still get the above Error whenever I try to do a post on my server. I tried to fix the chain following the instructions in the Link, but all my efforts went in vain.

I even tried to manually remove the cross-signed ISRG Root X1 from the chain and ended up with "SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch" while trying to restart NGINX server.

As a temporary solution, I've fixed this (temporarily) by adding

rejectUnauthorized: false

to the option which is not recommended.

Any permanent solution or Help would be appreciated.


Certificate Generation Detail:
Used Certbot Standalone Mode to Retrieve Certificates.

Web server:
NGINX 1.7.0

Nodejs 9.11.1

Certbot Version:

Certificate Chain:

depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = <>
verify return:1
Certificate chain
 0 s:/CN=<>
   i:/C=US/O=Let's Encrypt/CN=R3
 1 s:/C=US/O=Let's Encrypt/CN=R3
   i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
 2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3

Hi @Timos, and welcome to the LE community forum :slight_smile:

Is there anything else listening on port 80?


Yes, I've configured NGINX to listen to both port 80 and 443.

I had stopped NGINX service while Generating the Certificate. Thank you for your prompt reply.

1 Like

Please try removing the last cert in the fullchain.pem file.


I have already tried this, but without success.
I get this error when I try to restart NGINX:

nginx: [emerg] SSL_CTX_use_PrivateKey_file("privkey.pem") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
nginx: configuration file nginx.conf test failed

Then you may have corrupted the fullchain.pem file during that edit.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.