Replace lets encrypt SSL certificate with New Public One

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

2

Welcome @Tkhlaif

Can you explain more about what you want to do? And why?

Your domain is using a Let's Encrypt certificate with 57 days left before expiration. This cert is publicly trusted.

I don't see anything with your cert that needs attention right now. And, your server gets an A score at SSL Labs (link here) so should be working fine.

6 Likes
3

Thanks Mike for your reply
actually, we have production service running on AWS , we have a previous SSL certificate that expected to expire today 16c Dec 2022 , but we noticed that its renewed to 14 Fen 2023 ,

we purchased new SSL certificate valid for 1 Year and we need to install it on this service

we tried to add the Crt and key file , but still showing Lets Encrypt Certificate

1 Like
4

Are you talking about your Apache service that handles HTTPS requests?

Because if you changed the Apache config to use your new (Sectigo?) cert you should just need to reload Apache to start using it.

Once that is working with your new cert you should stop requesting Let's Encrypt certs for that domain. If you tell us which ACME client you used we can help with that (was it Certbot?)

7 Likes
5

Oh, I see by looking at your cert history that you are talking about the domain sftp-fpds.meraki-it.com Is that correct?

What kind of service handles requests to that domain? You need to reconfigure it for your new cert and probably restart or reload it to start using new config. I could not tell from the http response headers what service that is.

7 Likes
6

Yes exactly this service

we are using SFTP Gateway called File mage and inside the configuration file we added the below lines to point into our certificate ( New One )

image

but still showing Lets encrypt certificate
`

1 Like
7

That does not look correct. The docs for that product (link here) show format like:

tls_certificate: /etc/filemage/mydomain.cert
tls_certificate_key: /etc/filemage/mydomain.key

You don't have one for the key just two lines for certificate

Also, do you need to restart that sftp server after making config changes?

7 Likes
8

Hi Mike
I updated the config file and still display old certificate

image

9

You said you "added" those lines. Did you delete the lines for the Let's Encrypt cert?

And, did you restart the File Mage server after making those changes?

If you did all that then you should ask File Mage support for why that is. There is nothing we can do about that.

7 Likes
10

Thanks
i will check with Filemage support

3 Likes
11

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.