Hi all,
We are a small team with zero tech support. One of our former colleagues set up a website for us, mycelia.earth, and the SSL recently stopped working. I have no idea how to get it back up and running, and a little sleuthing brought me to Let's Encrypt as our SSL issuer, but they don't provide customer service, so I'm at a dead end. Any help on where to even start with this would be greatly appreciated!
Hello @bionutrientfood, welcome to the Let's Encrypt community. 
Please put an "I do not know" for items you do now have answers to.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Thank you for assisting us in helping YOU!
My domain is: mycelia.earth
I ran this command: I don't know
It produced this output: I don't know
My web server is (include version): I don't know (maybe Hestia?)
The operating system my web server runs on is (include version): I don't know (maybe Hestia?)
My hosting provider, if applicable, is: I don't know (maybe Hestia?)
I can login to a root shell on my machine (yes or no, or I don't know): No
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I don't know
Thanks Bruce! We are truly starting from scratch here, I don't even know where to begin to access our site again. All I know is that GoDaddy can't help us because we did not purchase our SSL through them. The other organization that our records talk about is Hestia, but we've been running into dead ends there as well.
Notes to assist other more knowledgeable Let's Encrypt community volunteers that are willing to assist.
Here is a list of issued certificates https://crt.sh/?q=mycelia.earth, latest being 2022-09-21.
SSL Checker ; expired certificate being served for bionutrient.org & www.bionutrient.org
DNS Spy report for mycelia.earth
mycelia.earth | DNSViz
SSL Server Test: mycelia.earth (Powered by Qualys SSL Labs)
The IP in use seems dedicated.
Are you sure that you can't access that system as root?
[you might need to speak with the HSP]
Have you (or anyone else) heard of Hestia? That seems to be our HSP (does that stand for Host Service Provider?), but it's not a website you can log in to, it sounds like it's software of some kind. The guy who set up our websites initially was very techy, but he's not with the company any more, so none of this makes sense to any of us, haha.
HSP = Hosting Service Provider
Hestia sounds like an HSP.
Here is what Netcraft reveals Site report for https://mycelia.earth | Netcraft that my lead the hosting provider.
And this is what I get with a traceroute
$ sudo traceroute -T -p 80 mycelia.earth
traceroute to mycelia.earth (70.32.72.219), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 0.206 ms 0.278 ms 0.243 ms
2 96.120.60.137 (96.120.60.137) 4.767 ms 4.747 ms 5.274 ms
3 ae-312-1258-rur102.beaverton.or.bverton.comcast.net (68.87.217.41) 6.035 ms 5.935 ms 5.917 ms
4 96.216.60.245 (96.216.60.245) 5.115 ms 5.101 ms 5.128 ms
5 ae-69-ar01.troutdale.or.bverton.comcast.net (68.85.243.197) 15.792 ms 6.713 ms 6.699 ms
6 4.68.37.245 (4.68.37.245) 7.588 ms 9.197 ms 6.317 ms
7 * * *
8 4.14.98.38 (4.14.98.38) 72.375 ms 72.511 ms 72.164 ms
9 ae0.iad1-ibrsb0105-01.bb.gdinf.net (148.72.36.5) 74.998 ms 74.984 ms 80.475 ms
10 ae8.phx3-bbmb1001-02.bb.gdinf.net (148.72.36.115) 92.293 ms 92.278 ms 96.874 ms
11 ae2.phx3-pemc0215-01.bb.gdinf.net (148.72.32.67) 90.876 ms 96.165 ms 96.830 ms
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 75vp-jrvx.accessdomain.com (70.32.72.219) 86.510 ms 86.155 ms 83.608 ms
Hestia is a control panel AFAIK, not a hosting provider.
Well it sounded like more than that to me - LOL
But you may be right.
The IP is managed by Media Temple.
Now that is an HSP.
redirect to
Okay, so this is where I'm running into the problem. That site was originally hosted by MediaTemple, but they transferred everything over to GoDaddy without telling us they were going to a while back, and we've been having issues ever since. GoDaddy says that they do not host our SSL Certificate, MediaTemple says that they do not host our SSL Certificate...and the reason I ended up here is because one of the results I got from searching was that our SSL was issued by Let's Encrypt.
There is nothing LE can do to force your system to use a cert that was provided by LE.
No CA can.
No one outside your server can [without sufficient access].
"They" who?
Your site IP is still showing within a network hosted by Media Temple.
Yeah, they are telling me that everything is over at GoDaddy now, and they can't help; GoDaddy says the same. I just spoke with another rep on the phone, and he was pretty rude. I'm at a dead end on this one.
Thank you guys for all being so kind and helpful, I really appreciate it! It has been a frustrating day.
Even if we could magically get you a certificate, without access to some way to administrate the server you wouldn't be able to do anything to install it. So your first order of business is to figure out how to access whatever systems run your site. Follow the money: presumably you pay somebody for hosting the site, and they should be able to help you understand what you're paying for and what access you have to it, since they have a vested interest in you continuing to pay them money.
It sounds to me like a third-party provider might be handling domain name registration/renewal and hosting account administration. There are a large number of these "site administrative services" (for lack of a better term) out there that partner with various vendors, especially GoDaddy. If that's the case here, it would help to understand who is doing/responsible-for what, especially when it comes to certificate provenance.
Hestia is an excellent open source control panel for your Linux server. I regularly visit their Community. It can be helpful, but it is not aimed at inexperienced users. They expect participants to be capable Linux system administrators. They have extensive online documentation available. There is an ACME client built into Hestia.
Let me know if that helps or if you have more questions.
There are two different entities, the domain registrar (currently GoDaddy) and the web host (currently Media Temple).
These don't have to be done by separate entities, but they currently are in your setup.
Also, the web host could still be indicated as web host even if you don't have an active relationship with it (in which case the host would probably eventually shut down or disable your site content). Anyone can point a domain name at any IP address, even without the agreement of the operator of the target.
Do you have credentials to administer the domain with GoDaddy (the registrar)?
Your server hosts the following websites:
bionutrient.net
mycelia.earth
I was using: https://dnslytics.com/reverse-ip/70.32.72.219
My theory is that you were on one of these server packages at media temple:
As you noted, they have now moved all their customers to Go Daddy:
This would mean that you are currently paying GoDaddy for a linux based virtual private server (VPS), and this would mean that you have what's called "shell" access, i.e you have a username and password you can use to connect to the server and administer it using SSH (not just via a website control panel. You may not know or have used these credentials but that's likely how it was set up initially.
I note that your server report PleskLin in it's host headers, and there is a plesk control panel (Plesk Obsidian 18.0.51) available at that IP address : https://70.32.72.219:8443/login_up.php ( or https://75vp-jrvx.accessdomain.com:8443/login_up.php) , and at http://70.32.72.219:8880/login_up.php
If you have the login details for that (probably 'admin' and some password) you can then investigate if SSL is enabled in plesk.
Then review the Plesk instructions shown here to check your Let's Encrypt certificate is configured:
If you can get logged into Plesk you should be able to fix it, but if not you would require support from GoDaddy to get the Plesk admin password reset.You should also confirm with them how to get SSH access to your server (so that low level administrative tasks like upgrading Plesk etc can be performed). You can hire local web developers as freelance to help administer this sort of thing for you, but they need to be able to login first.