SSL Certificate Not Expired but not working

keithck73 · March 31, 2023, 8:59pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://www.elmtreefunding.com/

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: MediaTemple

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

My certificate isn't wokring if you visit https://www.elmtreefunding.com/ but upon inspection, it doesn't expire until June 19, 2023

I did get an email from Let's Encrypt saying I need to renew because it expires on April 20.

So something is not right and the setup within Plesk looks correct.

Any thoughts?

Bruce5051 · March 31, 2023, 9:12pm

Hello @keithck73, welcome to the Let's Encrypt community.

The certificate being served by the server only has these in the SANs; www.elmtreefunding.com is missing.

DNS:elmtreefunding.com
DNS:webmail.elmtreefunding.com

You can see that here

rg305 · April 1, 2023, 1:49am

For the visually driven:

You can see that the last cert to cover the "www" name will expire on April 20th.
As @Bruce5051 pointed out, the cert currently being served doesn't cover the "www" name.

Furthermore, cPanel doesn't even try to serve the name with the expected cert.
It uses the default cPanel cert for that name.
Which tells me that cPanel does no longer think it should be serving that name and in March 21st renewed to a cert with less names to keep in line with the names it think it should be serving.

So... the error comes from a misconfigured cPanel.
Add the "www" name back into it and have it renew the cert again.

keithck73 · April 3, 2023, 6:02pm

Thanks for the feedback. Media Temple's transition to GoDaddy has not been great. I reissued the certificate and looks like it's back up and running. Thanks again.

system · May 3, 2023, 6:03pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Renew Certificate not processing Help	8	1732	December 26, 2017
Expired Certificate - Even After Renewal Help	7	800	March 13, 2019
I was renewed my ssl certificate today but still when i try to access my website www.spproductions.in its showing the certificate has expired please help Help	19	6122	March 6, 2019
Https is not working any more http is Help	24	1873	June 16, 2022
Sir My SSl certificate was not working Help	6	1263	December 16, 2017

SSL Certificate Not Expired but not working

Related topics