Using Let's Encrypt requires setting Validity Days to 90. Please check your input and try again. (Code: 1426)

Hello!

I’m trying to issue a Advanced certificate (SSL, Let’s Encrypt) for domain in .ru zone. I paid but I get an error: “Using Let’s Encrypt requires setting Validity Days to 90. Please check your input and try again. (Code: 1426)”. What is the the problem? How to set 90 days? I did not find the option to set the certificate expiration date.

Thanks for help.

Hello,

  • Are you using the web interface or the API?
  • Do you have the same problem with other CAs?

Thanks.

Web interface. For my domain (.ru), only 2 options are offered - Let’s Encrypt and Google Trust Services. I haven’t tried the second one, 'cause I don’t know what it is.

Google Trust Services is Google’s own CA. I would personally recomend it over Let’s Encrypt. Cloudflare ACM also allows you to obtain certificates from DigiCert and Sectigo, but as explained here, they won’t issue one for a .ru domain.

I think that you should contact support. You may get an auto-reply saying that you should post this question on the community instead, but reply referencing to this topic.

Hope it helps!

Curious as to why you would recommend a Google CA over another. Is there a functional difference?

No really, but there are some reasons of why I prefer GTS over Let’s Encrypt:

  1. I tried it when it was a private beta.
  2. It may have a higher availability than Let’s Encrypt.
  3. “Google Trust Services LLC” may sound more trustworthy than “Let’s Encrypt” to people who don’t know about servers and SSL/TLS.
  4. It offers support via email.
  5. It’s cross-signed with GlobalSign Root CA, from 1998, that expires in 2028, so it has an amazing compatibility.
  6. If Let’s Encrypt doesn’t currently work fine, what options left do you actually have?

And before you ask: yes, I know that Google uses an OCSP resolver that may log the sites that you visit. This would be the main reason of why you may want to use LE instead of GTS (appart from being a non-profit and having an excelent community).

I just wanted compatibility so that the site opened on ancient operating systems and in ancient browsers. But I’ll wait for the support service to answer, since the Let’s Encrypt certificate is more understandable to me. Thank you.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.