From owner-freebsd-questions@freebsd.org Sun Mar 7 16:48:52 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4F26E56BCD5 for ; Sun, 7 Mar 2021 16:48:52 +0000 (UTC) (envelope-from dave.mehler@gmail.com) Received: from mail-yb1-xb2a.google.com (mail-yb1-xb2a.google.com [IPv6:2607:f8b0:4864:20::b2a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DtnVW20mHz3Fsh for ; Sun, 7 Mar 2021 16:48:50 +0000 (UTC) (envelope-from dave.mehler@gmail.com) Received: by mail-yb1-xb2a.google.com with SMTP id f4so7605460ybk.11 for ; Sun, 07 Mar 2021 08:48:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=iYNFP4L6rNV5AY4tU8khrPCYyymMBsb39p5lK0er6RM=; b=SGFO9F2jiCe7vsHFenZlsi2e6st+P+6aUzKErvozyHBtbCgKuee8OSa2L929gQX+rr TGe8yHpQCE0WOJOEkXyAAJOrrnvuNXL5POHxHP85W0fas9BBmEv2VIOoUNLHK1QdOBXb DvnTYSju7mkEwcySHRNDBK+djRYCj1Qb2Y9Koe61UHWCA+cZNswybLKcdzcCJYEoGyFb TO/MNwPdSXRPxlMbt9S8XbpDx+0LUhyrjOQvyfALgjf1AkCv3BMJSlKmz4rHBv0in3Md WF7ejxkji37k9dbYcNntztsAgMBIUzspxKjl8pzxYtZjGUYSkZ6nEzpygHHWBG1+1XO7 uu9g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=iYNFP4L6rNV5AY4tU8khrPCYyymMBsb39p5lK0er6RM=; b=BPprpxWj7PqPSu6qXXYQW/Isfkifo7LH1oYUeZx3aVUcw2pOKB0Ntq7T8eLcymUvBR 81JiHFotjWT/Fy7p9Mpe2j7M8SfMLPhx0ToQaQWvVL4SRDwFrVUvuvb9IzsFSUDAdLyP asBzpV9ZHZlqh/wl8N3wjvYYtSrJadWo4lbhOTPdxMnolb0CnqJ+8wn/JjOcyS0llvXx ruxigLz+AjszdQx5//r/sHVEUQOP/3n737iWkw9kwVDQtBFEhitN9Z4oAQ5IhqjMk29C ICyA4fbVIUQNx65TWOcao3juA1Lz/4SB1y7SIqVso6jt9TwD7lJjE3NEzkVmyyxgRkom G86g== X-Gm-Message-State: AOAM530xKwRyTiungXxr8UQ/+G2YqeUrmWxAjDRq/PuJztGkjOQ3uAs5 gaZ3DLHS+yxvcXYKZaf6FXHyoTKI3kPQETjYdzo= X-Google-Smtp-Source: ABdhPJx4y2uMawjw69LBAHkpkjZh0RSZtC1VM5xGrDd4QgCx5a5P1+cK5uGuNR93ouDr6LVwUtBVhHrtd+c+Di24+uQ= X-Received: by 2002:a25:6b0d:: with SMTP id g13mr27353066ybc.124.1615135730162; Sun, 07 Mar 2021 08:48:50 -0800 (PST) MIME-Version: 1.0 Received: by 2002:a05:7110:2c8:b029:35:6509:cdf0 with HTTP; Sun, 7 Mar 2021 08:48:49 -0800 (PST) In-Reply-To: References: From: David Mehler Date: Sun, 7 Mar 2021 11:48:49 -0500 Message-ID: Subject: Re: acme.sh issue, cert date invalid, but no errors from letsencrypt To: Shamim Shahriar Cc: freebsd@boosten.org, freebsd-questions Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 4DtnVW20mHz3Fsh X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=SGFO9F2j; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of davemehler@gmail.com designates 2607:f8b0:4864:20::b2a as permitted sender) smtp.mailfrom=davemehler@gmail.com X-Spamd-Result: default: False [-4.00 / 15.00]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::b2a:from]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::b2a:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::b2a:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Mar 2021 16:48:52 -0000 Hello, Thanks for your reply. I did repeatedly restart the web server. I've also looked at the file creation date they're the new certs issued yesterday, but checking them with openssl shows as I said the not after november 2020 date. Suggestions welcome. Thanks. Dave. On 3/7/21, Shamim Shahriar wrote: > Could you please check and confirm, the CRT you ran openssl on, are the > same as freely issued by LE? LE Issued certificates are normally in > /use/local/etc/letsencrypt directory (various subdirectories, including t= he > old/formerly issued ones). Checking the file creation date/time should al= so > confirm if your are looking at the correct file. > > It had been observed many times, people tend to point their server config > to static files, which becomes stale after a while, rather than the > dynamically generated fresh ones. > > Hope that helps. > > On Sun, 7 Mar 2021, 08:08 Peter Boosten via freebsd-questions, < > freebsd-questions@freebsd.org> wrote: > >> >> > >> > >> > Any ideas? >> > >> > >> >> Maybe an obvious question, but did you restart your webserver after >> deploying the certs to it? >> >> Peter >> >> =E2=80=94 >> It never hurts to help >> - Eek the Cat! >> >> >> >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to " >> freebsd-questions-unsubscribe@freebsd.org" >> >