SSL succesfully installed but it show not secure and expiry in 81 days

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: not sure, i am beginner of web design

It produced this output: not sure, i am beginner of web design

My web server is (include version): not sure, i am beginner of web design

The operating system my web server runs on is (include version): not sure, i am beginner of web design

My hosting provider, if applicable, is: hostgator

I can login to a root shell on my machine (yes or no, or I don’t know): yes, i can login to Cpanel

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): CPANEL 78.0.30

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi @ahyaw84

checking your domain -

You have two different certificates:

Issuer not before not after Domain names LE-Duplicate next LE
Sectigo RSA Domain Validation Secure Server CA 2019-06-30 2020-06-29, - 2 entries
Let’s Encrypt Authority X3 2019-06-21 2019-09-19,,,,,,,, - 9 entries
Let’s Encrypt Authority X3 2019-04-21 2019-07-20,,,,,,,, - 9 entries

The Letsencrypt certificate is created from your cPanel and has all domain names. The newer Sectigo certificate is wrong, is missing. So you shouldn’t use that certificate.

And both connections are secure:

Domainname Http-Status redirect Sec. G 301 0.857 D 200 2.567 H 301 1.750 B 200 3.330 I

But you don’t have a redirect http + non-www -> https + non-www. So if you use the non-www version with http, you are insecure.

And you have one mixed content problem:

loads three urls via http:

That’s the mixed content warning in your browser.

But this warning is mixed content, not a wrong certificate. So fix these links.

The “expiry in 81 days” part is perfectly normal; certificates from Let’s Encrypt are good for 90 days. If the Cpanel integration is working as it should be, the certificate is automatically renewed before it expires (usually about a month before it expires).

Dear JuergenAuer,

Thanks for reply and your professional support. May i know what should i do next to solve this issue? I am a layman on this SSL.
Should i purchase another SSL certificate or is there other way to re-do the SSL?
I need your professional advise.

Thanks again.

Boon Yaw

Your SSL works, there is no problem. The cPanel Letsencrypt certificate is up to date. You don’t need another certificate.

Fix the mixed content problem reports. You have a Grade I, that’s not good.

If you have fixed that, you may have a Grade H (http without redirect https).

Domainname Http-Status redirect Sec. G 301 0.816 D 200 2.017 H 301 1.857 B 200 2.983 I

Your http + non-www needs a redirect to https. So add one.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.