Expired SSL on Cloud Hosting - HELP!

[AtariAge]

The SSL certificate for forums.atariage.com has expired, and guests cannot visit my forum without seeing this:

 

 

This is extraordinarily bad timing, as we just had a huge announcement two days ago, so there is a ton of new visitors to the site who are now going to see this, as well as current users who are going to be wondering what the heck is going on.  Quite a bad look for us, and I'm quite unhappy about this right now.  I hope someone from Invision will see this and fix it as quickly as possible!

Thank you.

I can't even bypass this to get into the forum due to the HSTS policy, and neither can anyone else, so this has effectively taken the forum down, and I can't even explain to people what is going on. 

This looks even worse in Chrome:

[AtariAge]

I really hope this doesn't take 24 hours to fix.  Does anyone from Invision support work on the weekends?

[marklcfc]

Quite poor this is. If you want to host as well you need to fix things like this (and also listen to criticism)

I'm pretty sure back when we had a ticket system this would have got seen to.

Edited September 10, 2023 by marklcfc

[Matt]

Cloud customers do get tickets. The ticket was sent in around 1am our time Sunday morning. I responded around 8:30am and got the help of Marc to investigate the issue. 
 

We have auto renewing SSL certificates which rely on a CNAME being added to the domain which we inform the customer at the time they sign up. 
 

On this occasion the CNAME is missing from the domain name which we do not control so the auto renewal is flagged as PENDING on our side. As soon as the CNAME entry has been added, it’ll auto renew. 
 

So to be clear, the customer got support on a Sunday morning by two members of our team for an issue that was with the domain name we do not control. 

[AtariAge]

I can confirm that I was given both CNAME entries last year when I signed up for the service.  I have no idea why one of them seemingly vanished on its own, which is rather concerning.  If that CNAME entry is only needed for the SSL renewal to succeed, that could have disappeared anytime in the last year.

It would be nice if this information was in the client area, this wasn't even something I even considered might be wrong, since it never dawned on me that a CNAME might have gone missing.  I definitely would have checked, though, if I saw this information in the client area, and I would have been back online much faster.

[Matt]

Glad it’s all resolved now. I’m going to lock this now as it’s all sorted. 

[Charles]

Glad you were able to put the DNS entries back.

For anyone reading this: be sure to keep the DNS entries we give you in place. If you keep them there, the certificates automatically renew and there are no issues.