Replacement of Certificate


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
cd-athenaeum.com
I ran this command:
https://cd-athenaeum.com
It produced this output:
Not Secure
My web server is (include version):

  • cpsrvd 11.76.0.14
  • Database client version: libmysql - 5.1.73
  • PHP version: 7.2.7
    The operating system my web server runs on is (include version): windows 7/10

My hosting provider, if applicable, is: hostpresto

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#2

How was the LE cert obtained and installed 91 days ago?


#3

image

Sorry, but I don’t have any idea.


#4

Windows is not that easy to setup for web server certificates.
Do you have any idea who might of added that cert to your system 3 months ago?
Is that something your hosting provider does/did for you?
Can you check the “Add and Remove Programs” to see if anything ACME related was added in the last few months?


#5

I doubt the site runs Windows.

$ nc -vvv  cd-athenaeum.com 22
Connection to cd-athenaeum.com 22 port [tcp/ssh] succeeded!
SSH-2.0-OpenSSH_7.4

Seems to be cPanel:

$ curl -X GET -I  cd-athenaeum.com:2083
HTTP/1.1 301 Moved
Content-length: 115
Location: https://cp165176.hpdns.net:2083

#6

Actually it may have been setup much before 91 days ago:
https://crt.sh/?q=cd-athenaeum.com
Maybe as far back as 2017-09


#7

@markdimaandal usually cPanel hosting comes with free, automatic SSL certificates (https://blog.cpanel.com/autossl/).

However, your host (HostPresto) appears to have disabled AutoSSL. Either that, or it’s not working. You need to email HostPresto about it to ask them.

So unfortunately your only real choice is to either get a host that doesn’t disable AutoSSL, or to use a website like ZeroSSL to get a new Let’s Encrypt certificate for your domain. There are some tutorials for using ZeroSSL with cPanel on the “How-To Videos” link on the ZeroSSL website.


#8

Thanks for the help guys!


#9

Or use a CDN (with HTTPS) and block everyone else from your HTTP only site - LOL

Obviously that is a huge false sense of security…
But “What your customers don’t know won’t kill 'em!”


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.