Secure padlock issue

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version): IIS

The operating system my web server runs on is (include version): windows server 2008 R2

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

I have installed lets encrypt manually for our site, but secure padlock is not shown though the certificate shows valid. How can we fix this ? Do we have to do any changes from our end?
Please guide us.

Hi @P00rni

there is a check of your domain, ~~30 minutes old - - please read that output.

  • Your certificate has only the www domain name, so your non www is insecure.
  • You use Tls.1.0, that’s deprecated. Update to use Tls.1.2.
  • SHA is deprecated. But that’s a result using Tls.1.0.
1 Like

Hi JuergenAuer,

Thanks for your immediate reply! Can you me help me to fix ssl for non www domain, how do I update Tls 1.2. Please guide.

1 Like

If you are able to create a certificate with the www domain, then you are able to create a certificate with both domain names.

Tls.1.2: Check

there is a tool IISCrypto. Use that to enable Tls.1.2.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.