Let’s Encrypt Invalid Certificate Error on all of my sites

I have about 30 websites divided between two Hestia servers. They all have Let’s Encrypt Certificates and the DNS for all of them was set up properly with CAA records pointing to Let’s Encrypt. I used Hestia to install the LE Certificates right after I added each website to its own user. Up until a few minutes ago, all were displaying well.

However, suddenly, none of my websites will display. They all have browser warnings claiming the certificates are not valid. Clicking accept risk takes me to this page (note that I am not using the FORTINET firewall):

FORTINET Webfilter… This Connection is Invalid. SSL certificate expired. A secure connection to createyourownonlinestore.org cannot be established. When you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site’s identity can’t be verified.

Site createyourownonlinestore.org

Certificate CN createyourownonlinestore.org

Certificate Authority R3

Certificate Validity

Not Before: Dec 22 15:48:28 2021 GMT

Not After: Mar 22 15:48:27 2022 GMT

Note: I tried replacing the Let’s Encrypt Certificate with a new one but I got the same error. Any help or ideas would be greatly appreciated.

Here are some claimed solutions I found on the Internet but I have not been able to implement any of them:

To fix the problem, we had to change the policy to a new SSL/SSH policy we created with no inspection of any ports. Once we applied that, the issue went away.

You need to enable “allow invalid cert” (set invalid-Server-cert allow) as a workaround.

First step would be contacting your provider.

If I access: https://ns1.xxxxtheclouds.com:8083 I get a valid SSL certificate

When I access https://ns1.xxxxtheclouds.com I get the same as FORTINET…

Eris,
Thank you for the suggestion. I have been going through the Apache error logs for hours without too much success. I will contact the provider to see if they can help and post back here if and when I get a solution.

As usual, Eris was correct. The problem was due entirely to a Policy change by my Provider. Once they fixed the problem, all the sites returned to normal. Here is the explanation I got from the Provider:
This is an error caused by our Fortigate Intrusion Prevention Certificate policy.
These firewalls were updated yesterday and the SSL handshake inspection is much more invasive now. I overlooked this and have now adjusted the policy.
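
The check described in the replies above (compare what different paths and ports present) can be scripted. The following is an added example, not part of the original thread: it compares the fingerprint of the certificate installed on the server with the one a network path presents, and checks the validity window in the date format shown on the block page. The function names, fingerprints and check time are constructed for illustration.

```python
import hashlib
import socket
import ssl
from datetime import datetime, timezone

def presented_fingerprint(host, port=443):
    """SHA-256 of the certificate this network path presents (needs network access)."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # diagnostic read only: we want whatever is served,
    ctx.verify_mode = ssl.CERT_NONE  # even a certificate the client would reject
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return hashlib.sha256(tls.getpeercert(binary_form=True)).hexdigest()

def validity_state(not_before, not_after, when):
    """Classify a validity window given in the 'Dec 22 15:48:28 2021 GMT' form."""
    t = when.timestamp()
    if t < ssl.cert_time_to_seconds(not_before):
        return "not_yet_valid"
    if t > ssl.cert_time_to_seconds(not_after):
        return "expired"
    return "valid"

def diagnose(installed, presented_fp, when):
    """installed: dict with sha256, not_before, not_after of the cert on the server."""
    state = validity_state(installed["not_before"], installed["not_after"], when)
    if state != "valid":
        return "origin certificate is " + state + ": renew it on the server"
    if presented_fp != installed["sha256"]:
        return "certificate replaced in transit: check TLS inspection on the path"
    return "path presents the installed certificate"

# Constructed sample: validity dates as quoted in the thread, made-up fingerprints.
INSTALLED = {
    "sha256": hashlib.sha256(b"constructed origin cert").hexdigest(),
    "not_before": "Dec 22 15:48:28 2021 GMT",
    "not_after": "Mar 22 15:48:27 2022 GMT",
}
MIDDLEBOX_FP = hashlib.sha256(b"constructed middlebox cert").hexdigest()
CHECK_TIME = datetime(2022, 2, 1, tzinfo=timezone.utc)  # constructed check time

if __name__ == "__main__":
    print(diagnose(INSTALLED, MIDDLEBOX_FP, CHECK_TIME))
    print(diagnose(INSTALLED, INSTALLED["sha256"], CHECK_TIME))
```

On a real host, pass the SHA-256 of the installed certificate's DER bytes as `installed["sha256"]` and the result of `presented_fingerprint()` run from the affected network as `presented_fp`.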
