SSL Certificate by Cloudron not trusted
-
@jordanurbs FWIW, the ssl cert of your site is actually fine here. I wonder if this is just some caching issue? Do you see this if you switch browsers/devices? I suspect that the DNS switch from old IP to new IP (or something like that) is not completely propagated and as a result it is trying to contact some other server (and thus the cert warning).
-
@girish thanks for looking into it and yeah, it's got every sign of a browser cache issue but I can't pinpoint the actual problem as clearing caches doesn't seem to fix it. Been happening on multiple browsers. I'll check with the domain host and registrar...
-
@jordanurbs you might have to clear hsts and not just the cache.
-
@jordanurbs I think it's a question of DNS propagation. Can you ping the domain in question from your computer, and check if the IP in question corresponds to the new server, or the old one ?
-
Right you can also check with curl if it's a browser issue or not?
curl https://slappersonly.co. curl will get self-signed cert error if there is some cert issue. You can also dohost slappersonly.coto see the IP it is resolving to. -
@girish @mehdi Thank you. I found out that the domain registrar, who had been the domain's host prior to me taking over, was still attempting to generate a Let's Encrypt certificate.
I am assuming that is the issue. I couldn't find any issue with curl (it just showed me the html source?) and dig, host and ping all show the correct IP. As soon as I can close all my tabs to clear HSTS I'll be able to confirm that all is well.
One thing that might be an issue, what about users whose browsers all still carry the old cert settings? I can't have everyone reset their hsts settings.
-
@jordanurbs said in SSL Certificate by Cloudron not trusted:
One thing that might be an issue, what about users whose browsers all still carry the old cert settings? I can't have everyone reset their hsts settings.
I think most likely this issue is only on your machine and not on others. Atleast, it works for me fine across multiple devices.
-
@girish A little update. I cleared my HSTS settings and sure enough it's fine on my machines.
But I also asked a handful of other people to check the domain. Some who have visited the domain before, some who hadn't. They all get the Cloudron in the wild error, particularly when using www before the domain... any ideas?
I've just about given it up and moved it all over to a fresh domain but I figure you should know about it.
-
@jordanurbs It doesn't looks like you have an app installed on the domain at all. Can you send me the domain to support@cloudron.io or alternately you can post it here if the site is public anyway.
-
@girish so I created a new WP install on a different cloudron for the domain, https://slappersonly.co -- everything seems in order now, even for people who had errors before. Meanwhile I switched the older WP install to a new domain on the original cloudron https://slaps.vip .. there do not seem to be any issues for either domain now.
Not too terribly inconvenient as the 2 sites serve different purposes for the same brand, but bizarre nonetheless.
