SSL certificate renewed, however when I search my domain in the browser it remains unprotected

OS type and version Ubuntu Linux 20.04.4
Virtualmin version 7.1-1

a few days ago my ssl certificate expired and was manually renewed, after renewing I noticed that my email domain was still unprotected, I thought it was something temporary but it’s been five days and the problem continues, when I search my domain in the browser the certificate information shows that it has expired, but in virtualmin shows that it’s renewed, does anyone have any idea what it could be?

Could be a browser caching issue. Try using a different browser or device and see if the new certificate is detected or not.

1 Like

I tried that too, switched browsers, internet and networks, and the problem continues, expired certificate in all browsers, but in virtualmin everything is fine.

it could be some updating problem?

I tried verifying my domain in SSL SHOPPER and the result shows the renewed certificate with no problems.

This strengthens my suspicion that it’s a cache issue tbh. Try checking from a device that you haven’t visit the domain from recently.

It could be very much cache in browser however after cleaning it up you might reboot Apache not server as whole just Apache…then load the page as https and see.

unfortunately no results either, tried cleaning the cache in all my browsers and rebooting apache, and the problem continues, and is not only in my local network, for every access outside still shows certificate expired

Can you share a link to this affected domain?

When you renewed did you include

yes, matter of fact was the only one selected to renewing

Right, so you set the domain as not

That mail. Link is working fine but uses self signed cert. There is somewhere button which let you copy SSL cert from domain to mail etc… I think it’s on domain SSL tab in bottom.

my bad, my domain is, mail is a virtual host

could you show me the steps to copying the cert from domain to mail, if I’m not asking to much, i’m pretty much a begginer on virtualmin

Select in the list of Virtual Servers. Go to Server Configuration - SSL Certificate - on the 1st tab (that says Current Certificate), there should be a button at the bottom that says:

Set As Default Services Certificate - Use this SSL certificate as the default in Webmin, Usermin, Dovecot, Postfix and ProFTPD

Hitting that button should set that cert for mail, etc.



done, but the problem still insists, even after cleaning the cache of my browsers and rebooting apache, I wonder if this error on my domain has something to do with it:

Select in the list of Virtual Servers. Go to Server Configuration - SSL Certificate - on the last tab (that says Let’s Encrypt), what does it say? The hosts?

and in the log - /var/log/letsencrypt/letsencrypt.log - what does it say?

If you are setting an existing cert to the Default one - i wouldn’t expect it to try to renew it\etc.



just for safety measurements, is it safe to be sharing these kind of information?

Telling us (and the world) what hostnames are in the cert or what entries are in the letsencrypt.log (assuming the log doesn’t hold keys etc, which I hope it shouldn’t)- I can’t see a bad actor doing anything with that info. By all means anonymize it, but not too much that it becomes useless.

From the picture you posted - on the surface of it: web-based validation failed. This you need to figure out what is going on.



I was wrong before, my domain in reality is, when I try to request a certificate CSR for it using lets encrypt, it results in this error below, it cannot find the key for validation, some kind off directory problem, it could be some problem with mailcow wich is the mail server i’m using, and the nginx?