idank
commented
3 years ago I'm not getting that here. Can you attach a screenshot?
Closed indigoblueraspberry closed 3 years ago
idank
commented
3 years ago I'm not getting that here. Can you attach a screenshot?
stoivo
commented
3 years ago It seam like the certificate is only not for www.explainshell.com but only explainshell.com.
Also The 30th of oktober an old root lets encript key expired and the "new" root lets encript key is in OpenSSL 1.1.0 (over 4 years old). https://github.com/mperham/sidekiq/issues/5008 If you are running an old system that could also be an issue
indigoblueraspberry
commented
3 years ago Here is the certificate.
idank
commented
3 years ago It's an old system with a recently updated certbot. The dns is configured with a cname entry from www.explainshell.com to explainshell.com. So I'm not what broke really :|.
alerque
commented
3 years ago This doesn't seem to be an issue any more, in my testing the current certificate is good to go. I suggest this issue can be closed unless there is anybody with a current problem.
idank
commented
3 years ago Thanks for confirming @alerque.
indigoblueraspberry
commented
3 years ago I tried once more in another computer and the problem is still present.
alerque
commented
3 years ago My mistake, @indigoblueraspberry is correct the certificate does not have the subdomain. My testing was flawed because an extension was trying and finding the bare domain and preferring that even when I typed in the www subdomain on initial connection.
The certificate is not expired, it is just registered for the bare domain without the optional www subdomain.
idank
commented
3 years ago I tried changing some configs, can you try again?
indigoblueraspberry
commented
3 years ago According to my testing, now it works as expected. Thank you @idank!
When visiting the website https://www.explainshell.com, now it displays that "explainshell.com certificate name does not match input" when inspecting the certificate.