Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: www.searchintegral.com
I ran this command: https://www.searchintegral.com
It produced this output:
SSL_ERROR_BAD_CERT_DOMAIN
SSL_ERROR_RX_RECORD_TOO_LONG
My web server is (include version):
nginx 1.10.3
The operating system my web server runs on is (include version):
ubuntu server 16.04
My hosting provider, if applicable, is:
inhouse
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
Detail staus is as below:
-
Before
https://www.searchintegral.com ok without any problem -
After
- using https://www.ollegustafsson.com/en/letsencrypt-routeros/
to get router.searchintegral.com certificate from lets encrypt with the acme.sh - display
[Thu Mar 1 16:56:47 CST 2018] Le_LinkCert=‘https://acme-v01.api.letsencrypt.org/acme/cert/0448486ee4e5a29ba5f51c56966013071cc9’
[Thu Mar 1 16:56:47 CST 2018] Cert success.
- using https://www.ollegustafsson.com/en/letsencrypt-routeros/
- but the key file lenght is zero
-rw-rw-r-- 1 remote remote 1648 Mar 1 17:50 router.searchintegral.com.cer
-rw-rw-r-- 1 remote remote 846 Mar 1 17:50 router.searchintegral.com.conf
-rw-rw-r-- 1 remote remote 1005 Mar 1 16:56 router.searchintegral.com.csr
-rw-rw-r-- 1 remote remote 220 Mar 1 16:56 router.searchintegral.com.csr.conf
-rw-rw-r-- 1 remote remote 0 Mar 1 17:50 router.searchintegral.com.key
-
Error status
-
https://www.searchintegral.com using chrome or firefox gets the following errors:
- SSL_ERROR_BAD_CERT_DOMAIN
- SSL_ERROR_RX_RECORD_TOO_LONG
- using curl -v https://www.searchintegral.cm gets
- remote@elasticSearch:~/.acme.sh$ curl -v https://www.searchintegral.com
Rebuilt URL to: https://www.searchintegral.com/
Trying 59.124.243.190…
Connected to www.searchintegral.com (59.124.243.190) port 443 (#0)
found 148 certificates in /etc/ssl/certs/ca-certificates.crt
found 592 certificates in /etc/ssl/certs
ALPN, offering http/1.1
gnutls_handshake() failed: An unexpected TLS packet was received.
Closing connection 0
curl: (35) gnutls_handshake() failed: An unexpected TLS packet was received.
- remote@elasticSearch:~/.acme.sh$ curl -v https://www.searchintegral.com
-
https://www.searchintegral.com using chrome or firefox gets the following errors:
-
Action
-
remove certificate with acme.sh
remote@elasticSearch:~/.acme.sh$ ./acme.sh --remove -d router.searchintegral.com
[Mon Mar 5 11:09:31 CST 2018] router.searchintegral.com is removed, the key and cert files are in
/home/remote/.acme.sh/router.searchintegral.com
[Mon Mar 5 11:09:31 CST 2018] You can remove them by yourself. -
delete the TXT record from DNS
-
check the certificate status from
https://crt.sh/?q=router.searchintegral.com Certificates
crt.sh ID Logged At ⇧ Not Before Issuer Name
344591435 2018-03-01 2018-03-01 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3https://crt.sh/?q=router.searchintegral.com
crt.sh ID Logged At ⇧ Not Before Issuer Name
337059996 2018-02-21 2018-02-21 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
285614082 2017-12-23 2017-12-23 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
238974599 2017-10-24 2017-10-24 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
190032535 2017-08-14 2017-08-14 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
154477173 2017-06-15 2017-06-15 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
-
-
Current staus
- https://www.searchintegral.com/ - still get the same error
Are there anything that I forget ?
Thanks for your help …