Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: gamebox-x.com
I ran this command: (using web-servise “sslforfree” and “zero-ssl”)
It produced this output: rate-limits
My web server is (include version): nginx - 1.13.8
The operating system my web server runs on is (include version): Windows Server 2016 Gen2
My hosting provider, if applicable, is: none
I can login to a root shell on my machine (yes or no, or I don’t know): (custom service)
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
Need to: Clear ssl-certificate registration for creating new-one
Hi @mkikets
you have 10 certificates created 2018-09-30:
https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:gamebox-x.com&lu=cert_search
Why don't you use one of these. Normally, you should have max. 2 active certificates - one expiring < 30 days, one longer.
That hits the 5 identical certificates per week - limit. So you have to wait one week.
I know, but when I add certificate to server - nginx do not update cert in client (still saying “non-commertial use”)
Did you restart your nginx?
If yes, please share your nginx - configuration files.
restarted hundred times
nginx config:
server {
listen 443 ssl http2;
server_name gamebox-x.com www.gamebox-x.com;
client_max_body_size 64m;
ssl on;
ssl_certificate ../cert/certcombined.crt;
ssl_certificate_key ../cert/private_rsa.key;
access_log logs/gamebox-x.access.log;
error_log logs/gamebox-x.error.log warn;
location / {
#return 200 "OK";
proxy_pass http://192.168.200.3:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
But maybe the problem is with rsa_private key because nginx log has
2018/09/30 19:56:03 [emerg] 4248#7124: SSL_CTX_use_PrivateKey_file("C:\nginx-1.13.8/conf/../cert/private_rsa.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
So that`s why I need to clean ssl-registration
You have to change these two file names and restart.
i have cert but have wrong rsa_private_key
Then read the help of sslforfree where the private key is saved / stored.
install, restart but not result
mkikets:
restart but not result
Then you may have a second nginx - configuration. Or you have to restart your complete server (another user had such a problem).
Or your files / paths
are wrong. Share the content of ../cert/certcombined.crt
, it's public.
ok... I waited 7 days... but after renew still no result...
New content of certcombined.crt
is :
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAwbjfhye2lBlDfFFJFNPOgpQMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODEwMDgwNTA5MjlaFw0x
OTAxMDYwNTA5MjlaMBgxFjAUBgNVBAMTDWdhbWVib3gteC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCozoMs0KMroRDwifFqOCTO0LvVZiluGCLY
ckbCvKE96fhds5kscKPg76du4eDWrcMzOsWJlDArdkxZJpbdXWmbBGJZtywjrhOE
6oWy1zEF6q/xBMIAkApyQZff3xkl+eNzPuBHxFTQKsZauNUWbgEzM084ESe2eSC6
I95x3MNTaLlMPdV/QDFQLy1RVKbOnrnHvY9dLDqrJ7AtK4V9ZqqoxF5CxMHCN/iR
8nrItyaK+2vTbWS7x0Z2uznWvohQCoZPHIzl1JwDPExd3xsFfLAgM2kzaX+I7Eui
YnJR7mxPwA6gqmQI68dkkYPFNiReMNGy2T20eR13UisJm1BLgxOnAgMBAAGjggMn
MIIDIzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFF7/ulJciPeqbVJBVwLUBy1qbb1w
MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw
YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y
ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y
Zy8wKQYDVR0RBCIwIIIPKi5nYW1lYm94LXguY29tgg1nYW1lYm94LXguY29tMIH+
BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEF
BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGe
DIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBS
ZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBD
ZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5v
cmcvcmVwb3NpdG9yeS8wggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgB0ftqDMa0z
EJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWZSS3g5AAAEAwBHMEUCIQDxv3vj
+pS5kgkBpa4nK2IzVq7Y1pSmQrRVSuPIxnPG2gIgXyq9zqfchJOShh7fWF+/eHeV
hrpzlQolXkP8eKHQn3UAdwBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvY
jQAAAWZSS3hPAAAEAwBIMEYCIQDxVjJk8laEheOj7ZJrTC2PtezJZTDXPLgJ9uXB
+SOQYgIhAKeHSQ3ivSm51ry+bLtpqIoOQ8a7B6+uExbcSSRgUD+gMA0GCSqGSIb3
DQEBCwUAA4IBAQACieMpGjgYUDk2XmVCQM/lfkgJQAG06ayGkp8YVXZXuCSf4RKK
uARLRhkScDKr6lVr3y2v+wRe2NoM+CKaKE3/Jouo6TthEq4LiW4hgIbCLZe0kofg
Xb+ZbPDhGcwOX/RYCTDWAtLbbUcQtEkaIGk/+CWLbZJj5PA/bd9UqXyQT80Rh4ES
gvQBZ41x2GaYlVDlAlvS6Y1FXtlPRQnML0TR22MkcOrUJVqr2mAC7TTYtxH4vwak
VCzH2JEE/hgl+RCs+1TbGVCRL69kOdCasdJF2jeSj7cmtPjhF8drgYQZnrRmION7
Vg2W/3aPsZAyKp2N5NIzV6FEqFhJ1vLz+AqY
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
-----END CERTIFICATE-----
This is checker on “sslshoper”
But when I check the text in it, it says next:
This is a new certificate, created today. So this part works.
But the certificate isn't installed, so you get a warning.
This
is not relevant. It's only the certificate signing request, not the certificate.
You have to install this certificate and restart your server.
Perhaps the file location ../cert/ is wrong. Or the file is a symlink. Or you have a second nginx - configuration.
mkikets
October 10, 2018, 9:58am
15
I found the solution:
I cleared all files in temp folder and now it worked.
Thank you for helping.
2 Likes
system
Closed
November 9, 2018, 1:49pm
17
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.