Your connection is not secure

Discussion in 'Installation/Configuration' started by caninfo, Mar 5, 2018.

  1. caninfo

    caninfo New Member

    Hello, how are you?
    I'm new here if I do something wrong, just correct me. I recently installed ISPConfig 3.1.11 on a VM from my dedicated cloud server with Ubuntu.
    Within the sites added one of them I am not able to fix the problem of SSL. By accessing the canoniinfo.com website I get the following message: Your connection is not secure.
    I noticed that the certificate information you present in your browser is different from other sites.
    I will show the image with error and also another site that is working normally.
    If someone can tell me where I can fix this, then I've already looked at all vhost and etc and can not find where it might be interrupting https.
    Gratitude.
     

    Attached Files:

  2. Jesse Norell

    Jesse Norell Well-Known Member

    The working site uses a letsencrypt certificate. Go to the SSL tab on the failing site, set SSL Action to Delete certificate and hit save. Ensure all your sites are set to use either an IP address or use *for the address, but don't mix the two. Then enable the Letsencrypt checkbox for the site that isn't working and save. It should setup a letsencrypt certificatefor the site; if that fails, check the letsencrypt trouble shooting FAQ here in these forums.
     
  3. caninfo

    caninfo New Member

    Hello, how are you?
    Thanks for the help, but it did not work.
     
  4. Jesse Norell

    Jesse Norell Well-Known Member

    Well, it has changed from your screenshot though, so probably making progress. Right now if I go to https://canoniinfo.com/ I get a letsencrypt certificate for canonistore.com served with 2 names in it (DNS Name: canonistore.com DNS Name: www.canonistore.com). Check the canonistore.com site settings and make sure the ip address is '*'. Then check canoniinfo.com settings and make sure Let's Encrypt SSL is checked, and also verify the ip address is '*'.
     
  5. ahrasis

    ahrasis Active Member

    Have you created any dns zone for canoniinfo.com?
     
  6. caninfo

    caninfo New Member

    Hello, how are you?
    Yes, both settings are IP-enabled and with ssl enabled and marked in letsencrypt.
    Is there a way to re-create the certificate from the command line only for this site canoniinfo.com?
     
  7. caninfo

    caninfo New Member

    Hello..
    Yes my friend. See the attachment
     

    Attached Files:

  8. ahrasis

    ahrasis Active Member

    Have you done this for canoniinfo.com website settings? Untick ssl and save. Then tick LE and save.
     
  9. caninfo

    caninfo New Member

    Hello, how are you?
    Yes, I tried to do this procedure.
     
  10. ahrasis

    ahrasis Active Member

    Have you check for any errors in letsencrypt log and do you have canoniinfo.com vhost that have .err at its end?
     
  11. caninfo

    caninfo New Member

    Hello..
    This is my error log site canoniinfo.com in txt file.
     

    Attached Files:

  12. caninfo

    caninfo New Member

    Hello, how are you?

    I was able to solve the problem as follows.
    I went to the problem domain inside the ISPconfig 3.1.11 panel and deactivated ssl and letsencrypt and waited a few minutes.

    Then I activated again and waited a few minutes.

    I went to the /etc/letsencrypt/archive folder and identified that a new folder with the name canoniinfo.com-0001 had been created and by logic the files were re-created there with the name of the certificate for domino canoniinfo.com, however , the site was still viewing the files inside the canoniinfo.com directory.

    I've found that the files in /var/www/canoniinfo.com/ssl were pointing to /etc/letsencrypt/live/canoniinfo.com that link to /etc/letsencrypt/archive/canoniinfo.com.

    I copied all the files from the directory canoniinfo.com-0001 to canoniinfo.com.

    I then reloaded apache2 with
    # service apache2 reload
    and soon solved the problem.

    From what I realized the canoniinfo.com domain certificate was being answered by another name that in the case would be srv1.canoniinfo.com this way there was a conflict and error in the browser "like I've been fooling the visitor".

    Problem solved, thanks for the help and feedback.
    Gratitude
     
    ahrasis likes this.

Share This Page