Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: cpitechnical.info
I ran this command: installed ssl cert using Lets Encrypt
It produced this output: when i go to my domain name it still not secured
My web server is (include version): im using synology nas and i think it runs on nginx
The operating system my web server runs on is (include version):
DiskStation Manager DSM 7.2.2-72806 Update 3
My hosting provider, if applicable, is: NAS SERVER
I can login to a root shell on my machine (yes or no, or I don't know): JUST USING NAS CONTROL PANEL
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): DSM 7.2.2-72806 Update 3
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):I DONT KNOW
I see a couple issues. The first is that your port 443 is blocked. Likely by your firewall. This is preventing HTTPS access. Port 80 is fine so HTTP works, but port 443 is blocked. See a test site like this one: https://decoder.link/sslchecker/cpitechnical.info/443
Another odd thing is I see you have a history of getting Let's Encrypt certs. Even as recently as Feb12 just 6 days ago. But, you now have CAA records in your DNS that prevent Let's Encrypt from issuing certs. See test result here: Let's Debug You will need to change that to use Let's Encrypt again.
Here is a list of issued certificates crt.sh | cpitechnical.info; I am assuming here the DNS-01 challenge was not used. Thus to obtain this certificate crt.sh | 16702225077 both Subject Alternative Name had to of actually existed.
And Mike's comment is of paramount concern
Which could easily happen if the DNS Configuration were being handled by a web parking sight.
That was issued Not Before: Feb 12 20:49:17 2025 GMT
X509v3 Subject Alternative Name:
DNS:cpitechnical.info
DNS:www.cpitechnical.info
Thus it seems like there has been a distinct change in the DNS configuration since Feb 12 2025.
I think contacting hostinger.com customer support is in order.
Yes, much better. But, you should still review your CAA records. I don't know how you got that cert this morning because these CAA records won't allow Let's Encrypt to issue as they are:
cpitechnical.info. 0 IN CAA 0 issue "globalsign.com"
cpitechnical.info. 0 IN CAA 0 issuewild "globalsign.com"
cpitechnical.info. 0 IN CAA 0 issuewild "digicert.com"
cpitechnical.info. 0 IN CAA 0 issuewild "comodoca.com"
cpitechnical.info. 0 IN CAA 0 issue "www.cpitechnical.info"
