SSL issue in the site comes through as not secure

I have ssl set up on our site regymenfitness dot com. When you type the domain without www into the address bar, it forwards you to a secure ‘www’ version of regmyenfitness. However, when you type in ‘www.regmyenfitness’ directly to the address bar, it shows site insecure with error screen.

The site has google certs for regymenfitness & *.regymenfitness

The ssl setting is set to full.

We also have valid certs through certbot for root, join, and www

The certs were updated about 48 hours ago and are valid

Any help is appreciated!

Certificate has expired

$ curl https://www.regymenfitness.com/ -svo /dev/null
*   Trying [2606:4700:20::681a:e60]:443...
* Connected to www.regymenfitness.com (2606:4700:20::681a:e60) port 443 (#0)
* ALPN: offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
} [327 bytes data]
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* (304) (IN), TLS handshake, Unknown (8):
{ [19 bytes data]
* (304) (IN), TLS handshake, Certificate (11):
{ [4041 bytes data]
* SSL certificate problem: certificate has expired
* Closing connection 0
1 Like

Answer these questions to help the Community help you with Security questions.

What is the domain name?
regymenfitness

Have you searched for an answer?

Please share your search results url:

When you tested your domain, what were the results?
screenshot:

Describe the issue you are having:
When you type in regymenfitness the site redirects to the www subdomain and shows a secure connection. But when you are in a new window and type in www with regymenfitness the site comes through as not secure

What error message or number are you receiving?

What steps have you taken to resolve the issue?

Was the site working with SSL prior to adding it to Cloudflare?

What are the steps to reproduce the error:

Have you tried from another browser and/or incognito mode?
yes
Please attach a screenshot of the error:
screenshot:

That’s affirmative. Its working as mentioned. There’s a redirect set.

I’m not able to replicate that. Looks like you are seeing the cached version of the site. You may clear the browser cache or try checking from incognito mode.

I have also checked in the incognito mode. The issue is still the same.

I can replicate this.

Both cURL and Opera show the same thing: expired certificate

$ curl https://www.regymenfitness.com -sv
*   Trying [2606:4700:20::ac43:491d]:443...
* Connected to www.regymenfitness.com (2606:4700:20::ac43:491d) port 443 (#0)
* ALPN: offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* SSL certificate problem: certificate has expired
* Closing connection 0

1 Like

Ok thanks

@anon9246926 Thanks for the input. @nate18 Further dig into the issue: Though I do not yet see the issue as you see, however, I see there are multiple certificates issued for the same. Let’s Encrypt and CPanel. This may be causing you the issue. Best suggested to keep the one from one issuer and try.

I just checked the same. I found that only one SSL certificate is active for the time being and one is set as backup. What should I do?

:point_down:

Please explain It

If you are using Let’s Encrypt, retain it and forgo the other.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.