Valid date not updating on certificate renewal

Help
1

Certificate renewal appears to have been successful based on output, but after restarting httpd and restarting browser, the certificate valid date remains the same, to expire on 12/28/19.

My domain is: vdap.org

I ran this command: certbot-auto renew

It produced this output:

Upgrading certbot-auto 0.39.0 to 1.0.0…
Replacing certbot-auto…
Creating virtual environment…
Installing Python packages…
Installation succeeded.
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/vdap.org.conf

Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for vdap.org
Waiting for verification…
Cleaning up challenges

new certificate deployed with reload of apache server; fullchain is
/etc/letsencrypt/live/vdap.org/fullchain.pem

Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/vdap.org/fullchain.pem (success)

My web server is (include version):
Server version: Apache/2.4.37 (centos)
Server built: Oct 7 2019 21:42:02

The operating system my web server runs on is (include version):
CentOS 8

My hosting provider, if applicable, is: self

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 1.0.0

2

Actually, if I check this https://www.ssllabs.com/ssltest/analyze.html?d=vdap.org&latest it seems ok. When I click on the lock icon in the browser and look at certificate information that way, valid date expires 12/28/2019. Is that typical?

3

Hi @dnorgaard

checking your domain there is the new certificate - https://check-your-website.server-daten.de/?q=vdap.org

omainname Http-Status redirect Sec. G
http://vdap.org/ 74.95.35.221 301 https://vdap.org/ Html is minified: 100,00 % 0.407 A
http://www.vdap.org/ 216.110.146.66 No GZip used - 5238 / 21575 - 24,28 % possible 200 Html is minified: 1085,26 % 0.423 H
https://vdap.org/ 74.95.35.221 Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 401 Html is minified: 100,26 % 6.140 M
Unauthorized
https://www.vdap.org/ 216.110.146.66 No GZip used - 5238 / 21575 - 24,28 % possible
Inline-JavaScript (∑/total): 2/394 Inline-CSS (∑/total): 1/2 200 Html is minified: 1085,26 % 5.280 N
Certificate error: RemoteCertificateNameMismatch

The non-www version has the correct certificate, the www (with another ip address) has a wrong. But if it's only a private used server, that's not relevant.

And the certificate is new:

	09.12.2019
	08.03.2020
expires in 90 days	vdap.org - 1 entry

Perhaps your browser cache is too old.

4

I think you’re right. It’s correct now.

1 Like
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.