Strange dates for certificates, maybe cause of `Certificate Unknown`

sasa1977 / site_encrypt

Integrated certification via Let's encrypt for Elixir-powered sites

MIT License

471 stars 34 forks source link

Strange dates for certificates, maybe cause of `Certificate Unknown` #28

Closed noozo closed 3 years ago

noozo commented 3 years ago

My certificate stopped working in my local dev env (using the local ACME server in 4002 port, as per docs). I noticed this in the server start up (both locally):

[info] Certificate successfully obtained! It is valid until 3020-05-31. Next renewal is scheduled for 3020-05-01.

Can that strange date have anything to do with it?

Thanks in advance.

sasa1977 commented 3 years ago

The local ACME server issues self-signed certificates, which are by default rejected by the browsers & other clients. To use this certificate you need to add an exception in your browser, but be very careful with what you're allowing. You only want to do that for local development. Self-signed certificates shouldn't be used in prod.

The expiry date is intentionally set far into the future to avoid renewals in local dev/test.

noozo commented 3 years ago

Thanks for the quick reply :)