SSL issue your connection is not private


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.ibchospitality.com

I ran this command:

It produced this output:

My web server is (include version):Apache 2.14.18(ubuntu)

The operating system my web server runs on is (include version):Ubuntu 16.04.1 LTS

My hosting provider, if applicable, is:AWS

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

I have renewed ssl certificate for this domain and it shows it is valid till 15 August ,2018 but most of the times when I am visiting site it gives error “Your connection is not private” but when I am reload page it disappears (I did all stuff including clearing brower cache,open in incognive mode and even cleared network cached).

I also checked with Qualis Lab ssl checker and it gives “A” rating but mentioned problem occurs most of the time and shows certificate is expired on 12th May 2018.


#2

You are serving different certificates for www.ibchospitality.com and ibchospitality.com.


#3

Thanks for quick response bytecamp.

Now,I have added ibchospitality.com domain under certificate name www.ibchospitality.com

Here is output of command : sudo letsencrypt certificates

Certificate Name: www.ibchospitality.com
Domains: www.ibchospitality.com ibchospitality.com
Expiry Date: 2018-08-15 08:52:01+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/www.ibchospitality.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.ibchospitality.com/privkey.pem

still this problem occurs.


#4

You - of course - have to configure your webserver accordingly. It has to use the files below /etc/letsencrypt/live/www.ibchospitality.com/, is this the case?


#5

SSL conf file, configured as follows :

SSLCertificateFile /etc/letsencrypt/live/www.ibchospitality.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.ibchospitality.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/www.ibchospitality.com/chain.pem
Include /etc/letsencrypt/options-ssl-apache.conf

is anything missing ?


#6

No, this is correct. But I see your case: your server somehow delivers different certificates on subsequent requests.


#7

AWS restart did the trick thanks for your assistance throughout this communication.