bpetruzzo
By:
bpetruzzo

SSL Certificate suddently giving error "ERR_CERT_DATE_INVALID". Expired?

March 20, 2017 1.1k views
Security

I'm stuck here, because someone else set up Digital Ocean and the SSL certificates for me, and they are now no longer around.

Digital Ocean is complicated compared to what I'm used to, but I'm trying to hobble through this because my site is throwing up a security warning due to this SSL error. I'm not sure how to answer the distributions question above, or how to check that.

Can someone help me get this sorted out?

1 Answer

Hi there,

Yes an ERR_CERT_DATE_INVALID error that a browser shows means your SSL certificate has expired. It's likely that the previous user purchased an SSL certificate from a certificate authority such as GoDaddy. Today we have an excellent and free SSL tool called Let's Encrypt which can be used to secure your website. Digital Ocean has an excellent tutorial on how to setup Let's Encrypt on their web servers.

Here's a link to a tutorial on how to set it up using the Ubuntu 14.04 distro but tutorials also exists for other linux distros as well. https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04
I recommend to take some time and read through the whole tutorial and make sure you understand the process. The link I sent you assumes you're running NGINX but Let's Encrypt is also compatible with other web servers such as Node and Apache. If you can give me some more information on your specific setup, I'd be happy to send you a more specific tutorial.

Cheers!

In this tutorial, we will show you how to use Let's Encrypt to obtain a free SSL certificate and use it with Nginx on Ubuntu 14.04. We will also show you how to automatically renew your SSL certificate. If you're running a different web server, simply follow your web server's documentation to learn how to use the certificate with your setup.
  • Thanks for the reply. That tutorial starts out over my head. :(

    For example: "You should have an Ubuntu 14.04 server with a non-root user who has sudo privileges. You can learn how to set up such a user account by following steps 1-3 in our initial server setup for Ubuntu 14.04 tutorial." I don't know how to check any of that.

    I believe these SSL certificates are already from Lets Encrypt. I don't believe I or anyone else working for me has paid for one. I mean, is this stuff stored in a file somewhere or something? I fear what I really need is just to know who I can pay to fix this for me in the next two hours. But besides upwork, I don't know where to turn for that.

    • No worries! I can understand how daunting some tasks may seem when you're not familiar with the underlying architecture. If the certificate was originally setup with Let's Encrypt then it's likely the old user never setup the cron job to renew it or they did and neglected to reload Apache/Nginx after the renewal.

      Regardless, it sounds like you're in need of some professional help. I would be happy to take a look at the problem for you. If you want, you can add me on Skype and I can send you some information to get the process started. My handle is ryantreece

Have another answer? Share your knowledge.