SSL Renewal Issue
Hello,
I just renewed the SSL certificate for my site at GoDaddy. When I first created the SSL I generated a CSR and everything was working fine. This time, since it is a renewal, I didn't generate a CSR. Is it okay?
All I did was:
Downloaded the certificates (example_com.crt, godaddy.crt) from GoDaddy.
Replaced the old crt files (2 files) under /etc/ssl/localcerts/
Ran the below commands:
cat example_com.crt godaddy.crt > example.com.crt
chmod 400 /etc/ssl/localcerts/example.com.crt
service apache2 reload
I even restarted tomcat.
If I open my site and click the "Lock" symbol, it is still showing the old certificate.
1 Reply
Hello,
I recommend running the below command to find out what directory is being used for your SSL installation.
grep -i -r "SSLCertificateFile" /etc/httpd/
You should replace /etc/httpd/ with the directory of your Apache installation.
A great tool for diagnosing SSL issues is openssl. I provided information below on using openssl to check which SSL certificate is installed.
Run the following command:
openssl s_client -connect IPaddressofserver:443 -state -showcerts
Look for the section "Certificate chain". The first lines should have your new certificate information; check and see if CN= matches your new certificate.
Run the OpenSSL command using your domain name to compare the results:
openssl s_client -connect domain.com:443 -state -showcerts
More helpful openssl commands can be found here
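One way to script the checks suggested in the reply, as an added example that is not part of the original thread: it compares the SHA-256 fingerprint of the certificate named by each SSLCertificateFile directive with the one the server presents. example.com and /etc/apache2 are placeholders, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread). Placeholders: example.com, /etc/apache2.

# SHA-256 fingerprint of the first certificate in the PEM text on stdin.
# openssl x509 reads only the first PEM block, which is the site (leaf)
# certificate both in "s_client -showcerts" output and in a leaf+chain bundle.
leaf_fingerprint() {
    openssl x509 -noout -fingerprint -sha256 2>/dev/null | cut -d= -f2
}

# Certificate paths named by active (uncommented) SSLCertificateFile directives.
configured_cert_files() {
    grep -rih '^[[:space:]]*SSLCertificateFile' "$1" |
        awk '{print $2}' | tr -d '"' | sort -u
}

# What the server presents for this name right now (needs network access).
served_pem() {
    openssl s_client -connect "$1:443" -servername "$1" -showcerts \
        </dev/null 2>/dev/null
}

# Compare a certificate file on disk with saved s_client output.
# Returns 0 on match, 1 on mismatch, 2 if either input holds no certificate.
compare_disk_to_served() {
    cmp_disk=$(leaf_fingerprint <"$1")
    cmp_served=$(leaf_fingerprint <"$2")
    if [ -z "$cmp_disk" ] || [ -z "$cmp_served" ]; then
        echo "ERROR no certificate found in $1 or $2"
        return 2
    fi
    if [ "$cmp_disk" = "$cmp_served" ]; then
        echo "MATCH $cmp_disk"
        return 0
    fi
    echo "MISMATCH disk=$cmp_disk served=$cmp_served"
    return 1
}

# Usage: sh check_cert.sh example.com /etc/apache2
if [ "$#" -eq 2 ]; then
    tmp_served=$(mktemp)
    served_pem "$1" >"$tmp_served"
    for cert_file in $(configured_cert_files "$2"); do
        printf '%s: ' "$cert_file"
        compare_disk_to_served "$cert_file" "$tmp_served"
    done
    rm -f "$tmp_served"
fi
```

MATCH on a file that still holds the old certificate usually means Apache is configured to read a different path than the one that was replaced; MISMATCH means the file on disk changed but the server is not presenting it yet.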