Getting NET::ERR_CERT_DATE_INVALID on a site I set up

December 1, 2017 1.1k views
Security Ubuntu 16.04

A site I built and am hosting on digital ocean (https://gradient.world/) suddenly start showing a "Your connection is not private" message in chrome with a "NET::ERRCERTDATE_INVALID" error. I followed the DO tutorial on setting up SSL here (https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04) . When I run sudo certbot renew --dry-run I get the following logs

Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/gradient.world.conf
-------------------------------------------------------------------------------
Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for gradient.world
http-01 challenge for www.gradient.world
Waiting for verification...
Cleaning up challenges

-------------------------------------------------------------------------------
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/gradient.world/fullchain.pem
-------------------------------------------------------------------------------
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/letsencrypt/live/gradient.world/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)

So it seems like the cert is configured to renew properly. Any chance some could help me debug this? Thanks.

1 Answer

I, too, am having this same issue on a certain droplet. Lets Encrypt is saying it's good to go, but still getting browser errors. @jtittle may be able to help.

Have another answer? Share your knowledge.