Reported 'expired certificate' when using DNS-over-tls on an android with letsencrypt cert

Hi there, I'm using a Let's Encrypt cert for my AdGuardHome DNS server. At first, everything was fine. However, my Android phone can't use DNS-over-TLS nowadays, and the AdGuardHome log shows '2022/06/07 20:20:49.989204 [error] handling tcp: reading msg: reading len: remote error: tls: expired certificate'. I'm very sure that my certs are up-to-date, and there are no changes after force-renewing. Then I tried ZeroSSL and the problem was solved, so I believed that it may be an issue related to Let's Encrypt.
My Android phone is a OnePlus 9 running Android 12. I have also tried on a Huawei device running Android 10.
Thanks in advance.

My domain (use tls:// for DOT)
My web server is (include version): AdGuardHome v0.108.0-b.9 / Nginx (for https server, which works fine)
The operating system my web server runs on is (include version): Ubuntu 22.04
My hosting provider, if applicable, is: Tencent Cloud
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is: certbot 1.21.0

Have you read?:


Thanks, it works. I remember that I tried it before and it didn't work; maybe I remember wrong. Sorry for disturbing.


To me it feels like each Android revision and manufacturer's configuration are unique enough that just saying Android is a bit too ambiguous. Maybe it is just me.