My website got hacked which forced me to do a clean install of my website. I also upgraded my hosting plan which put me on a new server. When I go to the new site, on my manjaro machine only, I get a message that the site is not secure (no SSL). When I look at the details it shows that there is a self signed certificate that is expired. I checked on my phone, my son’s computer and a friend’s computer and they all load corectly, so it appears to only be on my computer.
In searching the forums and Google I tried flushing the local dns, and ran curl. Curl showed me that the url was resolving to the old IP address (see below). I tried running resolvectl and it would not accept the new ip address.
I think the question is how do I find the ssl certificate that was self signed and remove it? I am not a linux expert, maybe a tad over newbie, lol
curl -1v https://greatbookshop.com
- Trying 188.8.131.52:443…
- Connected to greatbookshop.com (184.108.40.206) port 443 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- CAfile: /etc/ssl/certs/ca-certificates.crt
- CApath: none
- TLSv1.3 (OUT), TLS handshake, Client hello (1):
- TLSv1.3 (IN), TLS handshake, Server hello (2):
- TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
- TLSv1.3 (IN), TLS handshake, Certificate (11):
- TLSv1.3 (OUT), TLS alert, unknown CA (560):
- SSL certificate problem: self signed certificate
- Closing connection 0
curl: (60) SSL certificate problem: self signed certificate
More details here: curl - SSL CA Certificates
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.