LiquidFiles Documentation
LiquidFiles Documentation

Renew Expired Certificate

If you let your Certificate Expire, you will not be able to connect to the system with your normal browser without taking some extra steps. The reason is because LiquidFiles, like any modern web application, has configured HSTS that in short tells browsers that they should connect to this web application using only HTTPS and that there will be a valid certificate for the next 2 Years. If we let the certificate expire this is no longer true and we will receive a warning similar to the following.

In this screenshot above we tried to access that did not have a valid certificate. We have clicked on the "Advanced" button and can verify that the reason is because of HSTS.

Our options to get past this screen boils down to:

  • If your browser has a Incognito/Privacy privacy mode, it will often let you connect to a site with an invalid/expired certificate regardless of HSTS.
  • You can remove your URL from the HSTS cache in the browser. In Chrome based browsers, this is done by visiting chrome://net-internals/#hsts.
  • You can use a virgin browser, a browser you haven't used with your LiquidFiles system so it won't have any HSTS information saved. If you normally use Chrome, use Firefox when connecting to the site with the expired certificate, or vice versa.

Once you have access to the site, renewing the certificate is functionally the same as creating a new certificate the first time you configured certificates in LiquidFiles. Please see the Certificate Install Guide for more information how to install a new certificate.

Video Walkthrough

Please see the following for a video walkthrough of getting access to a LiquidFiles system with a expired certificate.