cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution

Website showing "not secure"; SSL alerted as expired, but it's not.

HI there,

 

My website is lovegrandturk.com

 

As of a week ago or so my website has been giving an insecure warning on browsers (CHROME/SAFARI). I have an SSL through GoDaddy and have had it attached and working for a long time, but it's suddenly not working.

When I bypass the alert and visit the site on Safari, I can click the LOCK and read info about the certificate. It shows, what looks like to, multiple certificates - one expired and one valid. It reads:

 

DST ROOT CA X3

Root certificate authority

Expires: Thursday, September 30, 2021 at 11:01:15 AM Atlantic Daylight Time

 

and then:

 

Let's Encrypt Authority X3

Intermediate certificate authority

Expires: Wednesday, March 17, 2021 at 1:40:46 PM Atlantic Daylight Time

 

and THEN

 

Lovegrandturk.com

Issued by: Let's Encrypt Authority X3

Expired: Thursday, January 16, 2020 at 5:19:05 AM Atlantic Standard Time

 

I've spoken to many GoDaddy reps this week, Some who've said the security warning doesn't show for on their browsers, and others who walk me through the process of removing the SSl and reattaching it to the hosting account (which is also with GoDaddy).

 

I'm at a loss. Any thoughts? 

2 ACCEPTED SOLUTIONS
Super User II

@LoveGrandTurk 

 

So, since it's showing a LetsEncrypt certificate, I assume you're using the Website Security suite or you've installed the LetsEncrypt cert yourself.

 

If you installed yourself, then you just need to uninstall the old certificate to the server and replace it with a new one. Let's Encrypt certificates expire every 90 days.

 

If you're using a Website Security product, put in a ticket through their support. It's possible the recertification script they use didn't update your site in particular. They should be able to correct the issue quickly.



I am a GoDaddy End User - Just Like You
* Please note that I DO NOT answer private messages. Please ask your question in the proper forum so the answer can assist EVERYONE in the community and not just you. If you contact me via PM for help, I will give you a price quote for my personal services. Thanks! *

Once your issue is resolved,
please be sure to come back and click accept for the solution

Get Better Support on the Community Boards!
Etiquette When Asking for Help from the Community


View solution in original post

Resolver III

I have checked your history of SSL and you are getting certificates from GoDaddy and Let's Encrypt - 2 different certificate authorities, the latter is free.

 

The first-ever certificate was issued on Feb 23, 2018 by GoDaddy. You possibly did some changes to your domain configuration as you got your first Let's Encrypt SSL on Dec 20, 2018. You also got your 2nd GoDaddy certificate on that day so you have possibly somehow switched on Let's Encrypt certificates by mistake. Since then you have at all times valid certificates from both GoDaddy and Let's Encrypt.

 

I quickly audited your website and it looks ok. However, it shows the Let's Encrypt certificate, instead of GoDaddy. They should both be equally trusted in all web browsers but Let's Encrypt requires online validation of certificates - it's fairly unlikely this would cause a problem.

 

What is more likely - is it possible you played with "root certificates" on your computer? Either way - I would recommend to try your website from another computer or from e.g. a WiFi in a cafe. If it looks good in either of those tests then the problem is in your computer only.

 

Dan

 

———

I've worked around (not only) SSL security for over 20 years in enterprises and startups. 

I am now running an HTTPS expiry management service KeyChest.net

View solution in original post

3 REPLIES 3
Super User II

@LoveGrandTurk 

 

So, since it's showing a LetsEncrypt certificate, I assume you're using the Website Security suite or you've installed the LetsEncrypt cert yourself.

 

If you installed yourself, then you just need to uninstall the old certificate to the server and replace it with a new one. Let's Encrypt certificates expire every 90 days.

 

If you're using a Website Security product, put in a ticket through their support. It's possible the recertification script they use didn't update your site in particular. They should be able to correct the issue quickly.



I am a GoDaddy End User - Just Like You
* Please note that I DO NOT answer private messages. Please ask your question in the proper forum so the answer can assist EVERYONE in the community and not just you. If you contact me via PM for help, I will give you a price quote for my personal services. Thanks! *

Once your issue is resolved,
please be sure to come back and click accept for the solution

Get Better Support on the Community Boards!
Etiquette When Asking for Help from the Community


View solution in original post

Resolver III

I have checked your history of SSL and you are getting certificates from GoDaddy and Let's Encrypt - 2 different certificate authorities, the latter is free.

 

The first-ever certificate was issued on Feb 23, 2018 by GoDaddy. You possibly did some changes to your domain configuration as you got your first Let's Encrypt SSL on Dec 20, 2018. You also got your 2nd GoDaddy certificate on that day so you have possibly somehow switched on Let's Encrypt certificates by mistake. Since then you have at all times valid certificates from both GoDaddy and Let's Encrypt.

 

I quickly audited your website and it looks ok. However, it shows the Let's Encrypt certificate, instead of GoDaddy. They should both be equally trusted in all web browsers but Let's Encrypt requires online validation of certificates - it's fairly unlikely this would cause a problem.

 

What is more likely - is it possible you played with "root certificates" on your computer? Either way - I would recommend to try your website from another computer or from e.g. a WiFi in a cafe. If it looks good in either of those tests then the problem is in your computer only.

 

Dan

 

———

I've worked around (not only) SSL security for over 20 years in enterprises and startups. 

I am now running an HTTPS expiry management service KeyChest.net

View solution in original post

@LoveGrandTurk 

 

I would agree with @MrVapor  as I got the same results 

 

The non-expired certificates are the Let's Encrypt Root Certificates - your specific certificate expired last week. 

 

As I was just typing this it looks like you got the certificate renewed.

 

I am a GoDaddy End User - Just Like You
Check out my site! | I currently manage over 300 WordPress Websites
* Please note that I offer free advice on this forum. Thank You Info If you would like personalized help, please contact me. Otherwise, please ask your question in the proper forum so the answer can assist EVERYONE in the community and not just you. Thanks! *

Once your issue is resolved,
please be sure to come back and click accept for the solution

Get Better Support on the Community Boards!
Etiquette When Asking for Help from the Community