Expired HTTPS certificate

Hello stall catcher technical team,

It seem’s the stall catcher web site HTTPS certificate is outdated.
The expiration date is today 27/06/2020.

https://stallcatchers.com is currently unavailable in France.

Recommandation : I noticed you are using let’s encrypt, perhaps are you using certbot on your servers. ? If it’s the case you can easilly renew the https certificate by typing certbot renew command.

Best regards

2 Likes

Hi, stall_catcher. I also sent an alert to the team at info@eyesonalz.com in case they’d not yet seen your chat box or forum posting. In the US, when the “Not safe” message comes up, one can still navigate to the site by selecting the “advanced” button at the bottom of the message, which gives the option to proceed to the site anyway. It seems to annoy them when you choose that option. :wink:

PS. This has been an on-going issue. Just fyi, here’s a posing from last year: "We are trying to establish a rhythm on this. We recently (end of last year [that would be 2018, Mike]) purchased a service that auto-renews our certificates. At the time, I thought that would prevent situations like this. As it turns out, it’s not renewing the existing certificates, it’s obtaining new ones each time, that have to be installed manually. And we have several sites using these. So we are trying to sync up the renewal dates so that every two months, I can just go through and do them all in one fell swoop before anything goes offline or generates certificate errors for users. Ideally, we’ll come up with an automated system for installing the new certificates … " (That information was from Pietro.)

Obviously, they’re still trying to iron thing out. Regards,

Mike C.

1 Like

Hi caprarom,

Thank you for alerting the stall catcher’s team :slight_smile:

I used the option to proceed to the site anyway, to me it’s not problemaic as I know well this kind of issues.

But it’s a real problem because the website doesn’t work properly as some requests are canceled randomly on google chrome (v83) because of the expired certificate. In this case the only option is to reload the page multiple time.

I noticed the website is served using a Microsoft http server : Microsoft-IIS/10.0.

Normally let’s encrypt certificates can be renewed automatically as let’s encrypt provide a tool to simplify this kind of tasks, even on Windows server :), see link bellow on the let encrypt website :

https://certbot.eff.org/lets-encrypt/windows-other.html

On linux I use a cronjob (as a task scheduler) to automate this.
On Windows server, their is a task scheduler provided with the operating system.

Regards,

Brendan B.

1 Like

The problem seem’s to be resolved now :slight_smile:

Dear @stall_catcher,

Apologies to you and any other catchers who have experienced a service interruption related to expired security certificates. These browser security warnings can look quite scary, though please rest assured, our site has not been hacked :slight_smile:

Thank you @stall_catcher for suggesting a solution!

You are exactly right that we are using Let’s Encrypt certificates. We are aware of certbot and have used it in the past. We recently switched to a dedicated DNS provider to improve quality of service and consolidate resources, and have been gradually transitioning all domains and certificates to that provider.

The upshot of all this is that we are still manually installing the certificates when they renew every two months. The challenge is that we have about 10 of these and they each renew on a different cycle, so we are now working to synchronize those cycles and stay ahead of the curve.

Eventually we will reinstate automation - the issue is that each domain is in a different environment, so we will have to addresses these one at a time. Stall Catchers will be at the top of that list.

Best wishes,
@pietro

2 Likes