how does one check the SSL certificate validity date?
If it doesn't auto renew as it should, how do I renew it??
My past software team set up 2 websites that use Let's Encrypt with auto renew SSL every 3 months. Apparently it's not auto renewing because one of the websites SSL just expired (notice upon going to URL. under details of the notice it reads Validity date: 6/25/35 @ 6:05:50 PM, which is exactly when this all happened) and the other website is showing a 502 error...which MAY be connected to an expired SSL cert as well since it happened at the same time.
These websites are used for a smartphone app to run properly which use AWS. All is fine on the AWS side.
the tech stack provided by the original team who built this notes: HTTP Cert, Lets Encrypt, "no account needed." So I don't have an account to log into.
You can check a site's certificate's expiration date with SSL Checker
There's no "one size fits all" to Let's Encrypt and ACME in general. So we can't answer your question without a LOT more information. (Unless crystal globes are suddenly a real thing.)
When you opened this thread in the Help section, you should have been provided with a questionnaire. Maybe you didn't get it somehow (which is weird), or you've decided to delete it. In any case, all the answers to this questionnaire are required:
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
Hi @Katie26, and welcome to the LE community forum
As already mentioned; But it also can serve to show the expiration dates of all the certs issued to your domain.
As for renewing...
Please answer the questions above so that we can better understand what you are using and better direct you on how to troubleshoot/correct issues with your specific situation.
I appreciate your kindness...unfortunately I'm not a developer.
I'm not running commands. All I know is for some reason I don't have an account with let's encrypt because one isn't needed (so I'm a bit unsure how I manage the SSL cert). All the documentation I have says "will auto renew every 3 months"
the websites are:
www.GuideOnMilitary.com- showing the 502 error *no idea how to see validity date here
staging.ByforSolutions.com -showing the expired cert, validity date ended 6/25/23 @ 6:05:50 pm Eastern
6/25/23 6:05 pm is when the 502 error started as well. so im assuming it's connected to this expired SSL.
I think the server is Nginx
Hosted on AWS.
Your "notes" are unclear/incorrect.
There exists no "accounts" as a human would use.
How much access do you have to that server?
If very little, who does have elevated access to it?
Doesn't look that way to me.
502 is a backend/database issue.
The cert for it was renewed 16 days ago.
Also, the two names resolve to very different IP addresses.
[two different servers = two separate problems].
ok, so just a coincidence...Thats good to know and narrows the issue down a bit! much appreciated
I do apologize I don't have the technical knowhow to communicate properly here. Just hoping for help to get things running properly again.
We are here to help ...
But there is only so much we can do with such little input.
Is there anyone who can "login as admin" to these systems?
I have a developer fired who is willing to help tonight or tomorrow. All accounts are in my name so I have admin/root access to everything. All instances on AWS are running fine (confirmed with AWS support already), Domain purchased via GoDaddy which is where the DSN management is (confirmed with GoDaddy all is fine there too). I can't figure out why the Lets Encrypt SSL didn't auto renew ...well for one website... you mentioned it did review 13 days ago for the one that has the 502 error.
I have no idea how to access Nginx(guessing thats the server)...I was provided "Server credentials" but I don't know where I'd go to log in for that.
Yes, two separate servers with two distinctly different problems.
There isn't much we can do here about the 502 erroring one.
For the expired cert, we will need you/someone to login as root and do some basic investigation and then maybe some troubleshooting as well.
Very likely something needs to change [back to how it last worked] to correct whatever is broken there.
log into AWS and investigate? or somewhere else?
I'll definitely pass this thread onto my dev friend. So feel free to post tech stuff he'd understand.
Log into wherever this is being hosted:
Stuff we'd like to do/see:
- find which ACME client is in use
check though jobs:
- upload the ACME client log file [showing error/failure reason]
- run a test renewal and upload output
- review anything that may have changed since the last renewal
I just forwarded this thread to my dev friend so he may pop in within the next day
Thank you again for being so kind and helpful!
All the best!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.