SSL certificate expired

Keywords: WordPress + NGINX + SSL - Google Cloud Platform - Technical issue - Secure Connections (SSL/HTTPS)

bnsupport ID: d53363b7-b6f5-df3c-4fdd-2553bda375fa

bndiagnostic output:

? Apache: Found possible issues
? Resources: Found possible issues
https://docs.bitnami.com/general/apps/wordpress/administration/use-pagespeed/#disable-pagespeed

bndiagnostic failure reason: The suggested guides are not related with my issue

Description:
Hi, my website has run into a SSL certificate issue. Yesterday (Sept 30th), the R3 signed by DST Root CA X3 intermediate expired. I have tried to renew the certificate with Bitnami tool, but it seems only the PC and android systems are not affected, while the browsers in the IOS system have shown the warning information that the connection to my website is not secure. I am wondering if there is any step-by-step document or tutorial available so I can fix this issue.

Thank you very much!

Lincoln

Here is some related documents
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
https://support.cpanel.net/hc/en-us/articles/4409759316759-DST-Root-CA-X3-Expiration-and-Let-s-Encrypt
I have found several videos and articles described the steps to fix this issue on client’s computer, but I haven’t found any useful instruction/solution for server side.

Hi @lincoln,

Thanks for using Bitnami. I think it is better to contact the Let’s Encrypt developers on their forums for help on how to fix this issue using the lego tool. You can first try to update the lego tool to the latest version, and then request a new SSL certificate (or force a renewal).

Apart from that, you can also try to update the SSL certificates on your server by following the steps in the stackoverflow link shared below. However, before doing any other change on your server, we highly recommend you to create a server backup so you can easily restore it to a known state in case anything fails.

https://docs.bitnami.com/google/faq/administration/backup-restore-server/

Find below the link to the steps for updating the SSL certs on your server. Remember to remove the offending SSL certificate in your case instead of the Mozilla one mentioned.

https://stackoverflow.com/a/62178056/5027595

I also recommend you to “force” the recreate process using the command below

sudo update-ca-certificates --verbose --fresh

Thank you @gongomgra so much for your help.

Just wondering if I install a new Bitnami WordPress website, will the root certificate be ISRG Root X1, and won’t have any issue with the expired SSL certificate?

Hi @lincoln,

Thanks for your message. I launched a fresh new server and it includes the new ISRG_Root_X1.crt certificate, which I understand solves the issue. Can you start a new server and check if you reproduce the issue?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.