SSL Renewal getting fail showing The certificate will expire in 4 days

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: app7.juvlon.com & talic.app7.juvlon.com

I ran this command: certbot-auto renew

It produced this output: new certificate deployed with reload of nginx server; fullchain is
/etc/letsencrypt/live/talic.app7.juvlon.com/fullchain.pem

Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/app7.juvlon.com/fullchain.pem (success)
/etc/letsencrypt/live/talic.app7.juvlon.com/fullchain.pem (success)

My web server is (include version): nginx version: nginx/1.15.6

The operating system my web server runs on is (include version): Ubuntu 18.04.1 LTS

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

2

Hi @adityakamble

checking your domain - https://check-your-website.server-daten.de/?q=app7.juvlon.com

There are some new certificates:

Issuer not before not after Domain names LE-Duplicate next LE
Let's Encrypt Authority X3 2020-03-20 2020-06-18 app7.juvlon.com - 1 entries duplicate nr. 3
Let's Encrypt Authority X3 2020-03-19 2020-06-17 app7.juvlon.com - 1 entries duplicate nr. 2
Let's Encrypt Authority X3 2020-03-19 2020-06-17 talic.app7.juvlon.com - 1 entries duplicate nr. 1
Let's Encrypt Authority X3 2020-03-19 2020-06-17 app7.juvlon.com - 1 entries duplicate nr. 1

And they are used:

CN=app7.juvlon.com
	19.03.2020
	17.06.2020
expires in 85 days	app7.juvlon.com - 1 entry

is one,

CN=app6.juvlon.com
	14.02.2020
	14.05.2020
expires in 51 days	app6.juvlon.com - 1 entry

is a second. So your urls are good, there is no critical problem visible.

Which url has a 4-days certificate?

3

Hi

I had checked on https://www.sslshopper.com/ssl-checker.html its showing The certificate will expire in 4 days, when i run on 19/03/2020 its showing renew successfull but showing 4 days, could you please help me is it need to replace certificate ??

new certificate deployed with reload of nginx server; fullchain is
/etc/letsencrypt/live/talic.app7.juvlon.com/fullchain.pem

Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/app7.juvlon.com/fullchain.pem (success)
/etc/letsencrypt/live/talic.app7.juvlon.com/fullchain.pem (success)

4

Please read the output.

2020-03-24.app7.juvlon.com
2020-03-24.app7.juvlon.com806×457 57.6 KB

That's an old cached result, created 2020-03-09.

5

Thanks for your reply
but how can i confirm the ssl is renew???
or need to replace certificate??

please help me out.

6

ask your browser. or go here:

https://www.ssllabs.com/ssltest/analyze.html?d=app6.juvlon.com&hideResults=on&latest

Alternative names app6.juvlon.com
Serial Number 038e1c3333c6d07e0939e9e16c5ff0052b1e
Valid from Fri, 14 Feb 2020 03:04:51 UTC
Valid until Thu, 14 May 2020 03:04:51 UTC (expires in 1 month and 19 days)
Alternative names talic.app7.juvlon.com
Serial Number 04738d1f9ef0c407e3e5c2ab3c1fb43746a8
Valid from Thu, 19 Mar 2020 16:32:51 UTC
Valid until Wed, 17 Jun 2020 16:32:51 UTC (expires in 2 months and 24 days)
7

Hello Sir

my domain is app7.juvlon.com and talic.app7.juvlon.com

there have some error like --[error] 1263#1263: *8848 recv() failed (104: Connection reset by peer)

so i need to confirm is there any issue with ssl

8

is there need to delete old certificate

9

when i checked on firefox output is given below

The certificate will expire in 70 days. A reminder is already set up.

None of the common names in the certificate match the name that was entered (aap7.juvlon.com). You may receive an error when accessing this site in a web browser. Learn more about name mismatch errors.

One of the certificates is signed with a SHA1 signature. We recommend that you reissue or replace this certificate with one that uses a SHA-2 signature. Contact your SSL provider about how to do this. Read more about the SHA-1 deprecation here.

10

not a problem

Where? I don't see this.

11

i had checked on firefox, sslshopper after same showing 4 days from cache.

but i have received below error is there related ssl.

there have some error like --[error] 1263#1263: *8848 recv() failed (104: Connection reset by peer)

12

I solved some captchas for you and now it tells 85 days for both (which is not right). Stop using that website. :smiley:

13

thanks sir for your help…

14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.