The subject in the current certificate is causing an issue.
- Server certificate:
-
subject: CN=lencr.org
It should be letsencrypt.org instead of lencr.org.
This is probably impacting a lot of people.
The subject in the current certificate is causing an issue.
subject: CN=lencr.org
It should be letsencrypt.org instead of lencr.org.
This is probably impacting a lot of people.
Hi @macckone welcome to the community!
That is an HTTPS example session, which works well. The certificate contains the domain name in its SAN section:
subjectAltName: host "letsencrypt.org" matched cert's "letsencrypt.org"
Some mirrors do not have the same certificate:
subject: CN=lencr.org
start date: Oct 10 03:00:44 2021 GMT
expire date: Jan 08 03:00:43 2022 GMT
common name: lencr.org
issuer: CN=R3,O=Let's Encrypt,C=US
Curl is showing it as expired but it is the subject mismatch.
My date is correct but I am having the same issue.
date
Wed Dec 1 11:22:22 EST 2021
Doh, it is the R3 certificate that is expired that signed your certificate!
For me it was an outdated ca bundle.
It was probably the ISRG Root X1 signed-by DST Root CA X3 certificate in the chain which was causing some trouble and not the R3 intermediate. But indeed, often updating the CA bundle fixes this.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.