Security Certificate expired

Status
Not open for further replies.

Victor Delta

New Member
Messages
25
Reaction score
0
Points
1
My free site victor.x10host.com has been working fine for ages. Last year I saw the option to apply a security certificate so opted to do that. However, in the last few days people accessing my site are getting a security warning as it appears the security certificate expired on 23 Feb 2020. I received no warning about this - before or since.

I have accessed the CPanel hoping to renew the certificate but, owing to the new design, cannot find any way to do this.

How do I update the certificate or, if this is not possible, get it removed so at least we can access the site again - i.e. go back to square one before the certificate was applied?

Thanks.

Websites prove their identity via certificates, which are valid for a set time period. The certificate for victor.x10host.com expired on 2/23/2020.
Error code: SEC_ERROR_EXPIRED_CERTIFICATE
 

Anna

I am just me
Staff member
Messages
11,218
Reaction score
520
Points
113
Since we no longer use cPanel it would not be possible to renew it.
And it should not have been an option under cPanel either truth to be told, it was a misconfiguration after an update that caused it to be turned on.

To ensure you don't get any errors you should set your site to use http only, as long as there is a redirect to https you will get a certificate warning (there is no valid cert for the domain, though you are now using the server cert, which obviously has the wrong domain).
 

Victor Delta

New Member
Messages
25
Reaction score
0
Points
1
Hi Anna

Thanks for your reply. I went to the (new) control panel and deselected the Secure SSL box for my domain, but there appeared to be no redirects set up.

However, when I try to access the site using an http address, it still goes to a warning message, this time with the error message NET::ERR_CERT_COMMON_NAME_INVALID.

Am I doing something wrong?
 

spacresx

Community Advocate
Community Support
Messages
1,062
Reaction score
74
Points
48
do you use anything like cloudflare or use wordpress ??
also when i try your website all i see is "Apache is functioning normally"
 

garrettroyce

Community Support
Community Support
Messages
5,601
Reaction score
239
Points
63
@Anna spacresx pointed out that this account shows the signs that it may not have been restored properly. Can you please look if it needs to be restored?
 

Anna

I am just me
Staff member
Messages
11,218
Reaction score
520
Points
113
Apache functions normally is "normal" behavior for ssl if it isn't properly configured. With DA you can have separate content on https and http, though commonly one set them to be the same, using the public_html.

SSL is turned on in order to get around that, but you can not currently install any certificates (to get https to show the same, ssl needs to be on, and configured to use symlink with http)

If you for instance have wordpress, the redirect is internal to the script and based upon what the configured domain is (if it is configured for https, it will redirect even if it is not in any .htaccess. I know other scripts do this as well, either through settings that are stored in database or in the configuration file.
 

Victor Delta

New Member
Messages
25
Reaction score
0
Points
1
I have re-ticked the DA Secure SSL box and disabled the 'Really Simple SSL' plug-in that I have in WordPress. The dashboard url is still https... However, trying to access the site using http still throws up the warning messages with error code: NET::ERR_CERT_COMMON_NAME_INVALID
 

Anna

I am just me
Staff member
Messages
11,218
Reaction score
520
Points
113
Yes, that would be normal since there certificate is for the server and not your domain.

When I check with chromes dev tools, under network I see that the redirect is coming from wordpress: "X-Redirect-By: WordPress".

What does it say for "Site Url" and "Wordpress Address"? If those says https, it will redirect to https.
 

Victor Delta

New Member
Messages
25
Reaction score
0
Points
1
Thanks. This is most odd because the site url etc is set to http - see attached.

WP1.JPG

However, when I try to access, for example, http://victor.x10host.com/app-form/ the browser tries to access the https version with the warning page and Error code: SSL_ERROR_BAD_CERT_DOMAIN.

I presume I must be missing something obvious!
 

Anna

I am just me
Staff member
Messages
11,218
Reaction score
520
Points
113
I do not get a redirect on your site right now, it could be cached locally on your computer (you could try with incognito mode if you have that on your browser to check this as that always bypass cache), otherwise it often works holding ctrl when you press enter with the url written in the browser, may not work in all browsers though.

Optionally, you can clear browser cache, but you may not be able to do that for one domain only.
 

Anna

I am just me
Staff member
Messages
11,218
Reaction score
520
Points
113
Closing thread since it is sorted then. Should you need support again please open a new thread.
 
Status
Not open for further replies.
Top