SEC_ERROR_REVOKED_CERTIFICATE

    Hi all,
    just update on 1.3.8 server (wheezy) the LetsEncrypt plugin 2.0.3


    it was working for customer on server without problem but I wanted to activate SSL also for control panel.


    I just update the plugin, and I had a activation problem for SSL panel certificate, disable and reactivate it, but now on FF I have SEC_ERROR_REVOKED_CERTIFICATE



    With Chrome is ok.


    Tried to use mix of solution but no one it's working. If I want to use it with FF I have to change about:config, but it's not the solution I need.




    All other SSL website works correctly.
    Any suggest ?
    Thx

    I'm installing the LetsEncrypt Plugin right now. The readme says, that the panel and services certs are still experimental. Maybe it will revoke certs but doesn't create new ones!?

    Quote from f4Nm1Z9k2P

    The readme says, that the panel and services certs are still experimental

    It is no longer experimental since version 2.0.3



    Quote from bubaweb

    just update on 1.3.8 server (wheezy)


    Please, update to 1.3.14



    Quote from bubaweb

    I just update the plugin, and I had a activation problem for SSL panel certificate, disable and reactivate it, but now on FF I have SEC_ERROR_REVOKED_CERTIFICATE



    With Chrome is ok.


    If that works under Chrome, there is not reason for which that would not work on FF.


    From the README file:


    Quote from README.md

    ### Regarding SSL certificate for the control panel


    Note that after enabling Let's Encrypt for the control panel, you may have to close and re-open your browser. Indeed, in some cases, the newly created SSL certificate is not loaded after a simple page refresh.


    Please, under chrome, show us the SSL certificate details.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    it's strange but also with a SSL test service it gave me error. I think is a problem with intermediate certificate, not with SSL Encrypt certificate for NGIX.


    I try to explain:


    1.customer with their own free encrlypt SSL cert with apache works well after update. (they works also before)
    2.before upgrade I had a ssl self signed certificate, with control panel.


    After update:
    1. customer still ok
    2. no more self signed certificate with panel, but a free encrypt SSL wotking see image ssl.png with and SSL-det


    Also check SSL give me alert: https://www.ssllabs.com/ssltest/index.html cert No NOT TRUSTED.


    I also see that SSL data validity was from 22 november and not from yesterday...


    i will wait to update to 1.3.14 in this afternoon



    Nuxwin If you need more details server is always the same..all data same

    Files

    • ssl.PNG

      (27.39 kB, downloaded 7 times, last: )

    • SSL-det.PNG

      (13.7 kB, downloaded 6 times, last: )

    Best is to give us access to your server because right now, your explaination are a hell. You say that there is a problem without showing the error. You're talking about customer SSL which we don't care. We only have interest with the domain and SSL certificate for which you have a problem.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    @bubaweb


    I've checked your server. Result: There is no problem at all.


    Explaination


    Your panel runs on port 4443 for SSL. SSLLabs cannot check SSL certificates on a port other than 443 (standard port). Thus, when you check the control panel osso.demoweb.it domain through SSLLabs, the answer comes from Apache2 and not Nginx. Apache2 is not configured to serve SSL requests for your panel (there is no SSL vhost for the osso.demoweb.it domain). Therefore, Apache2 fallbacks to the first vhost it can found. The problem is that the SSL certificate cannot be valid. Indeed, the SNI doesn't matches the SSL certificate common name. Furthermore, if there is a revoked SSL certificate, It is the one from the default vhost that apache has found. The SSL certificate for your control panel is valid.


    We can solve that problem by installing the PanelRedirect plugin which will proxy requests made on port 443 (Apache2) to Nginx on port 4443. You want it?

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support
    Quote from Nuxwin

    We can solve that problem by installing the PanelRedirect plugin. You want it?

    Thx for check and explanation. Before any other request, I will update to 1.3.14 and then I will install redirect plugin.


    Then I will ask here again if I'm still in trouble.
    Thx again Nuxwin