SSL certificate is installed on iis and website but in browser is unknown

Hi, I have used LetsEncrypt-Win-Simple in windows server 2016 to create my website certificates and i have 2 domains that i create certificate for each one, in iis server certificates list they are exists and everything is ok, and also in website binding setting both of them are exists and ok, now when i open website on my google chrome client, browser tells me that certificate is not safe and also shown in certificate info : issued by localhost!!
I don’t know where is wrong?
Thanks for helping.
Server OS: windows server 2016
Web Server: IIS 10

Hi @MarshalOfficial

checking your first domain via there are wrong certificates used.

First, you don’t have an A entry of your main domain:

Host T IP-Address is auth. ∑ Queries ∑ Timeout A yes 1 0
AAAA yes A yes 1 0
AAAA yes

The www version has a self signed:

expires in 1500 days	localhost - 1 entry

And http + www redirects to

Same with your second domain ( ):

The second domain name has a new certificate, but it’s not used.

CRT-Id Issuer not before not after Domain names LE-Duplicate next LE
1384058060 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-04-14 05:42:11 2019-07-13 05:42:11 duplicate nr. 1
1173148243 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-02-03 13:05:57 2019-05-04 12:05:57 *,

Same with your first domain.

Looks like your bindings aren’t correct. Did you add the hostname value and checked “SNI required”?

Looks like both domains use the standard binding, not the individual binding.

Share a screenshot of your bindings.

Thanks for your answer,
below is my binding screenshot:

Now I’ve read the header details of


Domainname Http-Status redirect Sec. G 301 0.050 A 302 0.197 D 404 0.763 M
Not Found 200 3.874 N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors 404 0.434 A
Not Found
Visible Content: Server Error 404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.

there is a checkbox

show header

Your http version answers:

Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.2.7,ASP.NET

But your https has a different header:

Server: Kestrel

Looks like your IIS isn’t used. So your bindings (looks ok) aren’t used.

Thanks bro, I you said https was handling by Kestrel, and was from a default setting in visual studio core application properties, so i disable it and republish project to iis and problem resolved,
I just say for others guy that might have same issue in future :
Visual studio core project - > properties -> debug - > Uncheck Enable SSL
(this will disable localhost managing ssl by Kestrel)
Thanks to @JuergenAuer again,


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.