I have a site that was hosted at OVH, that handled Let's Encrypt certificates automatically. A couple of days ago, I have moved to Amazon Web Services, and (obviously) i had to handle the certificates myself.
Before the migration everything went perfect, and after that i thought it was going perfect too, the certificates issued perfectly, and my browser detected it correctly. The problem is that some users have reported that they are having some issues with the certificate. It says that the website is non-secure. And I've seen myself that I'm getting the same error in Firefox running in my smartphone (Chrome in my smartphone works fine). The error i see is:
Please fill out the fields below so we can help you better.
My domain is: https://clubskodakodiaq.com and https://www.clubskodakodiaq.com
I ran this command: ./certbot-auto certonly --webroot -w /var/www/html/clubskodakodiaq -d clubskodakodiaq.com -d www.clubskodakodiaq.com
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
What would you like to do?
1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for clubskodakodiaq.com
http-01 challenge for www.clubskodakodiaq.com
Using the webroot path /var/www/html/clubskodakodiaq for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0006_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0006_csr-certbot.pem
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/clubskodakodiaq.com/fullchain.pem. Your cert
will expire on 2017-07-20. To obtain a new or tweaked version of
this certificate in the future, simply run certbot-auto again. To
non-interactively renew all of your certificates, run
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
My operating system is (include version): Amazon Linux:
Linux 4.4.51-40.58.amzn1.x86_64 #1 SMP Tue Feb 28 21:57:17 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
My web server is (include version): nginx version: nginx/1.10.2
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No