Answers to the other questions on the form would be very helpful.
Can you also describe what you mean by "url show not secure"? Exactly what url is showing not secure? Because I can't even find a DNS A record (an IP record) for that domain so can't even guess what it might be.
=============================
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Usually you would get Certbot to do this automatically for you upon renewal. Assuming you use an up-to-date version of Certbot, you can tell Certbot to do this in future by running:
yes i have deployed DNS TXT record in AWS where the domain is created .
also i have done this before renewing the certificate. previously it was error with port 443 which was running by nginx web server out side the nginx docker container.
i stopped the nginx webserver and kill the useless process running on 443 port . the problem was resolved .
but this time its not working
i apologise in advanec if i am not asking it in sorted way but need to solve this issue. please ask me quetions i will reply what steps i have done till now
curl: (60) SSL certificate problem: certificate has expired
More details here: curl - SSL CA Certificates
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
but when i certbot certificates
its
Certificate Name: supervisionspace.app
Serial Number: 457198902bfceaa0463a3fae26b42930c64
Key Type: ECDSA
Domains: supervisionspace.app *.supervisionspace.app
Expiry Date: 2023-06-05 21:41:16+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/supervisionspace.app/fullchain.pem
Private Key Path: /etc/letsencrypt/live/supervisionspace.app/privkey.pem
My says: ... Your web server is NOT using the cert shown ...
Seems that is all it can tell me at this time.
You could try restarting nginx.
If that doesn't resolve the problem...
Try reviewing the nginx config to see where it is picking up the expired cert from.
And replace that path with the path to the renewed cert:
i found that my niginx default.conf file is
ssl_certificate /etc/letsencrypt/live/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
and when i create new certificate the path is
Certificate Path: /etc/letsencrypt/live/supervisionspace.app/fullchain.pem
Private Key Path: /etc/letsencrypt/live/supervisionspace.app/privkey.pem
should i copy the /etc/letsencrypt/live/supervisionspace.app/fullchain.pem TO /etc/letsencrypt/live/fullchain.pem
and /etc/letsencrypt/live/supervisionspace.app/privkey.pem TO /etc/letsencrypt/live/privkey.pem
This is wrong. Each of these should point to the subdirectory e.g. /etc/letsencrypt/live/supervisionspace.app/fullchain.pem. Files should not be stored directly inside /etc/letsencrypt/live/.