Safari sees my Cloudflare SSL and works, Chrome sees my Letencrypt SSL and says it's expired, auto-renew says I don't need to renew, what should I do?

starrynite · October 2, 2019, 1:01pm

I have a website powered by Ubuntu with AWS. And I use Cloudflare as my CDN.

Everything was fine until today when I opened my website in Chrome, it says:

However, when I opened the page in Safari, everything is fine, it says:
[Sorry, I can only post one image, so this is an image with correct certificate] It’s on stackoverflow here: https://i.stack.imgur.com/yipxv.png

And when I logged on my AWS and executed both:

sudo certbot renew
sudo letsencrypt renew

It says No renewals were attempted. When I checked the log file, it says no renewal failures.

Another confusing question is, why Chrome is not seeing my Cloudflare SSL?

Hope to get some help here.

Thanks,

JuergenAuer · October 2, 2019, 1:31pm

Hi @starrynite

please share your domain name.

starrynite · October 4, 2019, 2:27am

JuergenAuer, thanks very much for your reply. It’s arealme.com. Now it’s working okay, but I don’t know when it would come out. It’s hard to reproduce.

schoen · October 4, 2019, 5:07am

It could have to do with a configuration problem related to the four different IP addresses that this site has

arealme.com has address 104.25.6.24
arealme.com has address 104.25.7.24
arealme.com has IPv6 address 2606:4700:20::6819:718
arealme.com has IPv6 address 2606:4700:20::6819:618

Maybe some of these work properly and others don’t, and sometimes one of your browsers is caching or using a different IP address for the site than the other browser is?

starrynite · October 4, 2019, 5:19am

Thanks, I am a newbie for this. How can I fix this? I am using CloudFlare and I think everything I configured is at their dashboard and I only input my AWS IP address in their DNS setting panel.

schoen · October 4, 2019, 5:22am

Currently it looks all right to me—do you think you could let us know if the problem recurs, and maybe also take a screenshot when it does?

starrynite · October 8, 2019, 8:02am

I also can’t. It’s very hard to reproduce. I guess it was because I was turning on my VPN last time I encountered this issue. I don’t know why a VPN could affect my certificate. And I am quite sure all other websites were good then, though I only tried a few famous ones like Google, Youtube or Facebook.