Site is no more secure before Certificate expiry date

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: abrajallulu(DOT)org

I ran this command: I installed Cert and Site was secured but checked couple of days back and it was showing Not Secured. Installed successfully and working fine earlier - Your cert will expire on 2020-09-01. Auto renew was enabled.
But it started showing Not Secure… Then I checked there is no folder /etc/letsencrypt , Also my httpd-ssl file has no entries for cert files I entered. Something is wrong …

It produced this output: Not Secure

My web server is (include version): Xampp, Apache/2.4.43 (Unix)

The operating system my web server runs on is (include version): centos rhel fedora

My hosting provider, if applicable, is: AWS Linux

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

2

Something really strange is going on because your website is being served by an extremely misconfigured webserver with a self signed certificate: https://www.ssllabs.com/ssltest/analyze.html?d=abrajallulu.org&hideResults=on

And there are no certificates issued for your domain: https://crt.sh/?q=abrajallulu.org

3

Hello 9peppe,
Thanks for prompt reply.
Actually yes something went wrong. Certificate was installed successfully but recently… I do not see it. Trying to understand what could be the reason and solution to fix it. Can you please suggest.

Thanks

4

From whom did you get the certificate that expires 2020-09-01? This will help us understand your current circumstances.

5

I myself installed it using certbot letsencrypt SSL.

IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/svrco.org/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/svrco.org/privkey.pem
    Your cert will expire on 2020-09-01.
6

Is abrajallulu.org your actual domain name or just some random domain name?

Because I don’t see any trace of a certificate for this domain in public certificate logs.

7

it is actual domain… I got everything working successfully and properly… till i checked recently…

8

That's a different domain than abrajallulu.org.

9

Yes Right that is different

10

Hi @shri.dk07

checking that domain the critical things are ok - svrco.org - Make your website better - DNS, redirects, mixed content, certificates

The certificate is valid:

CN=svrco.org
	10.07.2020
	08.10.2020
expires in 52 days	svrco.org - 1 entry

www isn't defined. There are two small content problems (missing files), but no mixed content.

May be some styles don't work because of the missing css file.

11

Do you have an output like this related to abrajallulu.org? Perhaps you ran certbot with --dry-run, which tests your configuration but doesn't install a real certificate? Then again, you said you saw it working. Hmmm.... :thinking: @9peppe's comment about crt.sh would show if you ever had a working certificate issued.

12

Yes Right this is Out put when I installed it successfully.Strangely I do not see certbot anymore on my Server

13

The output you posted was for svrco.org though, which won’t help you at all for abrajallulu.org.

14

No That was for abrajallulu.org

15

The folder indicates the domain that the output is for.

16

/etc/letsencrypt/live/svrco.org/fullchain.pem

That's the svrco.org certificate / output.

1 Like
17

Ohh… sorry about that… will check again and reply

18

No worries. :wink: We’ve seen stranger things here.

19

@JuergenAuer: Thanks for the assist. Thought I was misreading things for a moment. :smile:

20

Thanks will check and get back… but why /etc/letsencrypt folder is not there anymore… also httpd-ssl file does not have my new keys…Just wondering…