Incorrect SSL showing

Hi Support,

Domain: https://www.*****/
Question: What is the main reason a deleted, old and expired SSL was shown in an active site?
Screenshot: ***
Enlarge Screenshot: ***

Action taken:

  1. During investigation, I noticed that IIS and SSL bindings are correct.
  2. I have refreshed Certify The Web certificate as soon as I received complaint from the client. The SSL was fixed after the SSL has been refresh.

How can we prevent in future?

Please advise. Thanks in advance

Siew Siew

Hi, the normal reason for the incorrect ssl cert showing is that you have created an https binding that does not use SNI or binds directly to a specific IP (is not set to “all Unassigned” in IIS). IP specific bindings take priority over all other bindings in IIS and if you only have one IP address on your server then any https binding that doesn’t have SNI set will also take priority.

Note that customers will license keys (which I’m assuming you are) should send support tickets to support {at} instead of having to publish their question publicly here.

You mentioned you refreshed the certificate in certify the web and it started working - you should check the log file for any recent errors and you should ensure that the managed certificate is selected for auto renewal (by default it would be - see Certificate > Advanced > General Options). You should also ensure you are using the latest version of the app and that the email address specified under Settings > Certificate Authorities is a real one that is monitored as renewal failure notifications will be sent there. You will also receive emails from Let’s Encrypt if your certificate is reaching it’s expiry so you can action the problem before the cert expires.

For general site status checks I recommend tools like for uptime checks.

Thanks for the explanation WebProfusion