SSL Certificate Update - No verification yet after 12 hours


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: bitblockrevolution.com

I ran this command: Trying to validate my SSL Certificate

It produced this output: It never got validated. I never got a validation message from Let’s Encrypt. Please confirm my next step.

My web server is (include version): Media Temple

The operating system my web server runs on is (include version): CENTOS

My hosting provider, if applicable, is: Media Temple

I can login to a root shell on my machine (yes or no, or I don’t know): No I am on a grid.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes


#2

You don’t get a validation message, as LE doesn’t send them. What are you doing to “try[] to validate my SSL Certificate”?


#3

Hi @designerwriter

you have one active Letsencrypt certificate from 2018-05-30 to 2018-0828

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:bitblockrevolution.com&lu=cert_search

So it’s invalide in two days. How did you create this certificate?


#4

Media temple told me how to validate it. I just got a message stating that it has expired! I am trying to update it. Is there a way that I can get it to update automatically?


#5

I have 2 other websites that stated they have expired…for gracecvisconti.com and traditionalshiatsutherapy.com. I updated them yesterday and got a message stating that they have expired. I was within the time frame. Media Temple said that I had to wait 12 hours for approval. I am really confused. Can you help clarify what I should do next or does it automatically update?


#6

Oh and I have one more website which is expired but I can’t even get into that website now…eagleheartdynamic.com.


#7

There is no universal advice because it depends completely on the software requesting the certificate. The certificate renewal always involves having software somewhere request a new certificate from the certificate authority (the certificate authority can’t unilaterally update the certificate).

From what you’ve written above, it sounds like Media Temple is responsible for this software and that it’s within their control and responsibility. If you can get more technical details from them about any problems that they might be encountering or tasks that they expect you to complete now, we can definitely look over what they have to say and give you further guidance or explanation.

Typically hosting providers can (and should) do this, but if you’re not the system administrator of the server, you typically can’t set this up for yourself.


#8

I am using SSL For Free because it’s free. Their SSL service is not free. I just asked them how to update it and that’s where I ran into the problem. What if I just start over and reinstall new certificates rather than update them because this is where the problem seems to be.


#9

If you use sslforfree, you have to repeat the process on sslforfree every time before your certificate expires, in order to obtain a new certificate. Then you would have to provide that new certificate to your host. There’s no way to change the existing certificate.


#10

Media Temple told me I could delete it and upload another one! This is so confusing. Right now I cannot access eagleheartdynamic.com and that is my portfolio website. I didn’t even get a notice for my website that it was expiring. So last night MT told me that I can remove the website and upload a new one.

I think where I made the error when I did the update is that I did not download the updated certificate after I added the acme and TXT string in the proper place on the MT website. I was told that I had to wait for approval but that approval never came by email!


#11

There are help files:

Install a Let’s Encrypt SSL

https://mediatemple.net/community/products/dv/208603976/install-a-let's-encrypt-ssl

https://wallydavid.com/visual-guide-installing-lets-encrypt-ssl-media-temple-or-a-plesk-hosting-account/

Isn’t it possible to use one of these?

Do you use Plesk?

Letsencrypt-certificates are free. But the main problem I see: The installation. So every integrated solution of your hoster is better then every external service.


#12

Were you using this step on sslforfree.com?


#13

Yes Seth that’s the step I was using.


#14

OK, did you then get to something like this?


#15

I was told that I would get an approval in an email so not to do anything until I got it. I went through all of those steps you listed but did not click the download. Now what should I do? The TXT is already pasted in there for 2 of the websites but I am concerned about eagleheartdynamic.com because I didn’t even get an email stating that it was expiring so I had no link to go to. Now what do I do for that website? Download a new one? That’s what


#16

I don’t understand who or what told you that you would get the e-mail. That’s not part of Let’s Encrypt’s issuance process at all. Do you remember the circumstances under which you received that information?

If you don’t have your certificate and private key, you should probably repeat the certificate issuance process from scratch. You’re allowed to issue duplicative certificates up to 5 times per week.


#17

“If you don’t have your certificate and private key, you should probably repeat the certificate issuance process from scratch. You’re allowed to issue duplicative certificates up to 5 times per week.”

Thanks Seth. That’s all I need to know.


#18

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.