Your clock is late

seraj · August 19, 2019, 8:41am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:library.mominoun.com

I ran this command:
Sudo systemctl stop nginx
/opt/letsencrypt/certbot-auto renew
sudo systemctl start nginx

It produced this output:Your clock is late

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

_az · August 19, 2019, 9:00am

What does this show?

sudo timedatectl status

Do you mean that you get this error in your browser? Or on your server?

Have you tried closing the browser tab and opening it again, after renewing the certificate?

JuergenAuer · August 19, 2019, 9:52am

Hi @seraj

checking your domain there is no problem visible - https://check-your-website.server-daten.de/?q=library.mominoun.com

There is a new certificate

CN=library.mominoun.com
	19.08.2019
	17.11.2019
expires in 90 days	library.mominoun.com - 1 entry

the connection is secure.

There is one content error (Grade I), but that's a wrong twitter meta element:

meta
	twitter:card
	مكتبة مؤمنون بلاحدود
	
	
	1
	content is invalid, 
only "summary", "summary_large_image", "app" or "player" allowed

Perhaps share a screenshot of that error. Doesn't look like a certificate problem.

schoen · August 19, 2019, 4:28pm

Maybe it's a browser error like this one?

ferdiS · August 19, 2019, 6:06pm

Ususally this means that your system clock is too far off from real time. Some applications don’t care, but many and certainly those that have to do with encryption and securety do not like it when your systems clock is several minutes behind/in front of real time.

So check and synchronize your system clock compare the output of sudo hwclock with an up to date clock on the internet.
Have you set up NTP on your server?

schoen · August 19, 2019, 11:52pm

In context, this seems like it’s somewhat more likely to be a problem with your desktop computer’s time settings than with your server!

system · September 18, 2019, 11:56pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Error renewing certificate Help	11	455	June 26, 2022
Website timing out after I insalled SSL using Certbot Help	3	1359	April 7, 2019
Automatice renew not working, certbot.renew.timer missing Help	5	2132	January 30, 2023
The certificate has expired: that is the notAfter date is before the current time Help	5	355	July 1, 2024
Browsers Reporting Expired Certificate after Manual Renewal Help	8	856	June 16, 2019

Your clock is late

Related topics