I followed all steps used when creating the original cert.
Cert created ok.
.pfx created ok.
imported .pfx into Server Certificates ok.
the newly updated expiration date range shows on the cert.
restarted, renewed, refreshed, recycled everything in IIS multiple times.
rebooted twice.
When I try to open the page I get:
Secure Connection Failed
The connection to the server was reset while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
I even see this directly within IIS when browsing the site,
(never leaving the box).
Yes, I IMPORTED the .pfx from within IIS -> Sever Certificates.
It shows there OK.
Note – if you just click the .pfx in Windows Explorer to load it (as I have seen recommended) that will pop through to a 'successfully added" message; BUT, the cert does not really load into Server Certificates. You have to right click in there and choose Import… to get it to actually work.
IIS 7.5 doesn’t support SNI.
If both HTTPS sites go to the same folder, try deleting one of them.
Also try unbinding the cert and apply that change, then bind it back.
IIS is notorious for not playing as expected.
I get that IIS sucks.
Part of my effort here is to get Let’s Encrypt working on Windows as part of a guide to help people stage off of Windows servers onto Linux (#Debian).
I guess I still don’t see why it worked the first 3 months and broke only when reapplying the cert – but I will try to remove and reapply the bindings.
Notes:
I only have/desire one cert. Both domains are on the one cert; to work on the one IP.
Each domain points to a separate home folder.
Nothing is different from when this was set up 3 months ago other that Normal Windows updates and renewing the LE certificate.