Letsencrypt issue

Support
1

Problem Description

SSL and Letsencrypt seem to be working perfectly well for all the domains on my server, including subdomains, except one. When I run sympl-ssl the results look perfectly normal, but browsers say that the certificate is out of date.

Any Error Messages

Here’s the output of sympl-ssl:

sympl@potto:~$ sudo sympl-ssl --verbose mta-sts.benpaley.com
* Examining certificates for mta-sts.benpaley.com
	SSL set 0: Not valid for mta-sts.benpaley.com -- certificate has expired (10)
	SSL set 1: Not valid for mta-sts.benpaley.com -- certificate has expired (10)
	Current SSL set 4: signed by /C=US/O=Let's Encrypt/CN=R3, expires 2024-07-19 07:23:48 UTC
sympl@potto:~$

But when I try to go to https://mta-sts.benpaley.com/, Firefox says:

Web sites prove their identity via certificates, which are valid for a set time period. The certificate for mta-sts.benpaley.com expired on 08/02/2024.
 
Error code: SEC_ERROR_EXPIRED_CERTIFICATE

…and other browsers say the same thing in their own way.

Environment

  • Sympl Version [10.0]:
  • Sympl Testing Version? [No]
  • Debian Version [Buster]:
  • Hardware Type? [Virtual I think]
  • Hosted On? [Bytemark BigV]
2

It’s likely that sudo sympl-web-configure --verbose mta-sts.benpaley.com will mention that the config has been manually changed (and when you did, you didn’t update the certificate path).

If so, change the /etc/apache2/sites-enabled/mta-sts.benpaley.com.conf file from:

    # The certificate, key, and intermediate bundle (if needed)
    SSLCertificateFile /srv/mta-sts.benpaley.com/config/ssl/sets/<some number>/ssl.combined
    SSLCertificateChainFile /srv/mta-sts.benpaley.com/config/ssl/sets/<some number>/ssl.bundle

    # The certificate, key, and intermediate bundle (if needed)
    SSLCertificateFile /srv/mta-sts.benpaley.com/config/ssl/current/ssl.combined
    SSLCertificateChainFile /srv/mta-sts.benpaley.com/config/ssl/current/ssl.bundle

… then reload Apache and that should fix it.

3

As simple as that! Thank you very much.

4

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.