Renewed Certificate still showing Unsecure

I renewed letsencrypt on this sub domain, and when I check the browser, it’s still showing ‘unsecure’

My domain is:

I ran this command:
certbot renew --dry-run

It produced this output:

Processing /etc/letsencrypt/renewal/

Cert is due for renewal, auto-renewing…
Starting new HTTPS connection (1):
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification…
Cleaning up challenges

new certificate deployed without reload, fullchain is

** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

The following certs were successfully renewed:
/etc/letsencrypt/live/ (success)

My web server is (include version):
CentOS 7.1
The operating system my web server runs on is (include version):
CentOS Linux 7.3.1611

Yes, I can login to a root shell on my machine

Hi @pshegs

look there:

--dry-run Test "renew" or "certonly" without saving any certificates to disk

--dry-run doesn't save the certificate and doesn't change your webserver settings.

dry-run uses the test-system, so the certificate has the "Fake-Root". It's nothing to use productive.

Thank you for your reply. I’m not yet very well skilled in this, could you make it easier by helping me out with the exact stuff to run to fix the issue?

Thanks a million in advance.


Please just run certbot renew

Thank you

1 Like

Don't use the --dry-run option if you really want to renew your certificate and update your configuration.

Thank you. I did as instructed above, just certbot renew and it successfully renewed, but going to the url, it’s still showing as unsecure…

Done. renew successful, but it’s still showing as unsecure


You’ll need to use this URL to visit your site (in https version)

Thank you

You don't have a redirect http -->> https.

Add this, so a user is redirected to https.

Since we don’t know what web server you’re running, nobody can really help you set that up. Either post that information, or just search for “your_web_server_software https redirect”. That is, probably something like “apache https redirect” or “nginx https redirect”.

Based on the HTTP headers it appears to be Apache 2.4.6, so

The intermediate cert seems to be missing, though. For Apache 2.4.6 you want SSLCertificateFile pointed at your cert.pem and SSLCertificateChainFile pointed at your chain.pem.

(You should try to fix the other problems on that report too - this may help)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.