Old certificate still on verified after setup lets encrypt

Hello,

First of all I would like to thanks for project of let’s encrypt. I was using comodo ssl last 5 days I had I decided to change with lt’s encrypt. To setup ssl I use webmin/wirtualmin as it is setup in my VPS server (ubuntu 15 64 bit).
On Webmin panel I can see private key file (/etc/webmin/letsencrypt-key.pem) and also certificate file (/etc/webmin/letsencrypt-cert.pem) also additional certificate files (/etc/webmin/letsencrypt-ca.pem).

Everyting is look okay but when I open my website on mozilla firefox still I can see "verified by comodo ca.

Did you restart your web server (Apache or nginx probably)? Webmin might not have done it for you, but it should have a button for doing so.

Yes I did (it is Apache), also I restart vps.

No, there is absolutely no such thing as that. :slight_smile: In the TLS technology, every single connection is a new cryptographic session, with a fresh presentation of certificates and a fresh use of cryptographic keys. (except for something called TLS session resumption, which shouldn't be relevant here)

I would suggest doing

grep -r SSLCert /etc/apache2

to see if you can find certificate-related directives that you weren't aware of. (Or, is it possible that you have a reverse proxy or CDN or something that you weren't aware of, so that your Apache program isn't what's actually directly speaking HTTPS to site visitors?)

1 Like

You don’t use CloudFlare do you?

If you use CloudFlare’s CDN service, they intercept your SSL connections, so you would see a Comodo certificate from them when visiting your site, and your Let’s Encrypt certificate would only be used to secure the connection between CloudFlare and your origin server. CloudFlare obtains this certificate for you; it would be unrelated to any Comodo certificate you might have obtained.

You could turn off the orange cloud in the DNS tab of their admin panel if you wanted to reveal your origin server and the certificate on it. Or on their Security tab, make sure SSL is set to “Full SSL (Strict)” and you’ll then get a CloudFlare error page when visiting your site if your Let’s Encrypt certificate is not properly configured.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.