TLS Certificate not trusted

My domain is: www.jlambertphotos.com

I ran this command using the ruby acme-client version 0.6.3.

def csr
  csr = OpenSSL::X509::Request.new
  csr.subject = OpenSSL::X509::Name.new(
    [['CN', domain, OpenSSL::ASN1::UTF8STRING]]
  )
  private_key = OpenSSL::PKey::RSA.new(key)
  csr.public_key = private_key.public_key
  csr.sign(private_key, OpenSSL::Digest::SHA256.new)
  csr
end

LetsEncrypt.client.new_certificate(csr)

It produced this output:

It generates a certificate, but when I use a ssl checker such as digicert.com/help, it shows that the TLS certificate is not trust, with the following message:

The certificate is not signed by a trusted authority (checking against Mozilla's root store). If you bought the certificate from a trusted authority, you probably just need to install one or more Intermediate certificates. Contact your certificate provider for assistance doing this for your server platform.

My web server is (include version): nginx 1.16.0

The operating system my web server runs on is (include version): aws linux.

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): ruby acme-client version 0.6.3

Please show the complete CSR file or the output you mention:

Hi @ajsharp

checking your domain there is no new certificate - https://check-your-website.server-daten.de/?q=jlambertphotos.com

The Certspotter-part is empty. Last certificate:

Rechecked with Google - the same - Google Transparency Report

Why do you think there is a certificate created?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.