Zerossl Certificate cant able to renew

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://www.hotels-kohsamui.com/

we have site https://www.hotels-kohsamui.com/, actually today expired certificate, when am tried to renew certificate then it’s not worked. got “Der opstod en fejl under importeringen af certifikatet. Kontroller nøgle, certifikat og CA-chain passer korrekt sammen.” all the times. am sent mail to unoeuro hosting support team, they told “Let’s Encrypt has a rate limit, and after reaching that limit, it will not work for a week.” . But from my ip am tried only two times for this domain.

hotels-kohsamui.com this site it’s very important for customer.

can you please help me…

2

I don't speak Danish, but Google translates this as:

There was an error importing the certificate. Check key, certificate and CA-chain match correctly

If that's an accurate translation, then your support's response of:

Let’s Encrypt has a rate limit, and after reaching that limit, it will not work for a week

...is nonsense. Your issue is probably that you're entering an incorrect private key or certificate, or possibly that there's an error on the host's end.

3

Hi @sasthakms

checking your domain that had worked - https://check-your-website.server-daten.de/?q=hotels-kohsamui.com

Issuer not before not after Domain names LE-Duplicate next LE
Let's Encrypt Authority X3 2019-09-16 2019-12-15 hotels-kohsamui.com, www.hotels-kohsamui.com - 2 entries duplicate nr. 3
Let's Encrypt Authority X3 2019-09-16 2019-12-15 hotels-kohsamui.com, www.hotels-kohsamui.com - 2 entries duplicate nr. 2
Let's Encrypt Authority X3 2019-09-16 2019-12-15 hotels-kohsamui.com, www.hotels-kohsamui.com - 2 entries duplicate nr. 1

There are three certificates, created today.

But you have to install the certificate - that's missing.

If you use Zerossl, you have to install the certificate manual.

There is a

CN=*.unoeuro.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated
	06.02.2019
	06.02.2021
expires in 509 days	*.unoeuro.com, unoeuro.com - 2 entries

perhaps from your hoster.

And you have a loop - Grade L: http -> https -> http, so it's impossible to use your site.

Then you should start one month earlier, if you do that manual. Not after the expiration of your previous certificate.

4

By the look of it, as shown above, you have issued the certificate just fine, but you are not installing it correctly. Two most common errors with importing the certificate into some sort of control panel:

a) Using the account key instead of the domain key.
b) Not splitting the certificate file into a CA bundle and the domain certificate, if your control panel requires that (this is a case for cPanel for example).

Both those items are highlighted in the FAQ: https://zerossl.com/ssl-faq.html#My_server_console_shows_an_error_saying_that_the_private_key_does_not_match_the_certificate__What_did_I_do_wrong_

5

Yes i agree about this issue, but am maintaining more then 80 websites, renewing certificates manually. Am also renewed 2 more sites before when am tried to renew hotels-kohsamui.com
not working only for this site.

6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.