LetsEncrypt - SSL certificate is not valid

  • Good morning,


    Any log ? Nothing, dada ?


    It's not working ok... but ... any relevant data would be welcome.


    Thank you...

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • Any log ? Nothing, dada ?


    From yesterday certificates are generating "fine" on my Ubuntu and Debian installations, but after generating certificate it shows correct expiration date, so no problems within LetsEncrypt tab, but on Domains tab there is information that certificate is incorrect.


    This is LetsEncrypt tab:


    chrome_2021-09-28_15-22-58.png



    And this is Domains tab:


    chrome_2021-09-28_15-23-43.png



    When I try to open site, it's saying hello with certificate from another domain (from first domain on that ip).

  • logged in debug mode

  • this one is still active and working - web browser shows as a valid cert

    I have checked with:


    Ubuntu 18.04.6 LTS result:

    Code
    1. cd /etc/letsencrypt/archive/domain.tld
    2. openssl verify -CAfile fullchain1.pem cert1.pem
    3. openssl verify -CAfile fullchain2.pem cert2.pem
    4. # output
    5. C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    6. error 2 at 1 depth lookup: unable to get issuer certificate
    7. error cert2.pem: verification failed


    Debian 10 result:

    Code
    1. openssl verify -CAfile fullchain1.pem cert1.pem
    2. cert1.pem: OK

    Edited 2 times, last by fulltilt ().

  • copy /usr/lib/ssl/certs/2e5ac55d.0 from the debain to ubuntu


  • great, that worked!

    do you think it will continue to work after Sept 30th because of Let’sEncrypt DST Root CA X3 Expiration?

    https://medium.com/geekculture…3-expiration-d54a018df257


    copy /usr/lib/ssl/certs/2e5ac55d.0 from the debain to ubuntu