SWAG, DuckDNS & Let's Encrypt - cert errors for subdomains (used to work)

Hi there…

So this used to work, but all of a sudden it doesen.t, since a couple of weeks (months?) ago.

My problem is that I get the “Deceptive site ahead” warning in my browser (Chrome), so I have to to click the “visit this unsafe site”. Annoying, but not more than that. However, after upgrading my Home Assistant Android app - it crashes when trying to access the “unsafe site”.

So I’m running SWAG with DuckDNS and Let’s Encrypt.

My setup looks like this:

A.MySite.duckdns.org
B.MySite.duckdns.org
C.MySite.duckdns.org
D.MySite.duckdns.org
E.MySite.duckdns.org
F.MySite.duckdns.org

The SWAG log says;

TZ=REPLACED/REPLACED

URL=Mysite.duckdns.org

SUBDOMAINS=wildcard

EXTRA_DOMAINS=

ONLY_SUBDOMAINS=false

VALIDATION=duckdns

CERTPROVIDER=

DNSPLUGIN=

EMAIL=

STAGING=

the resulting certificate will only cover the subdomains due to a limitation of duckdns, so it is advised to set the root location to use www.subdomain.duckdns.org

Using Let’s Encrypt as the cert provider

SUBDOMAINS entered, processing

Wildcard cert for only the subdomains of Mysite.duckdns.org will be requested

No e-mail address entered or address invalid

dns validation via duckdns plugin is selected

Certificate exists; parameters unchanged; starting nginx

The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).

[custom-init] No custom files found, skipping…

[ls.io-init] done.

Server ready

So it all looks legit to me…

I fell I’m missing something obvious here.

Any advice on what to do next gladly accepted.

You need to contact Google about that, it’s nothing to do with us.

Thanks Driz.

I wasn’t sure if your answer was funny attempt at saying “Google it”.

But I thought - this is never going to work out - but I’ll see what happens when I try another browser, in my case Microsoft edge. And wouldn’t you know it - it works like charm!

So many thanks Driz!

To clarify, he wasn’t telling you to Google search. He was telling you to contact the publisher of the browser you’re using, because it is Google Chrome that decides which websites or urls may look fishy, and they have lots of false positives especially when it comes to self hosting.

There is also a report button on that red page, which sometimes works

yes, I understand that now, but when i read it, the answer was so short (but correct), that I thought he must trying to be “smart”.

But yes, I prefer just switching to a less picky browser rather than reporting it to Google, and then waiting and see what happens…

Thanks to you both!

unfortunately, some relatively recent change from google is causing chrome to do this on many self-hosted sites. From what we’ve been told it’s relatively simple to “fix” but it must be done through them (Google, in your case). If you must use chrome, try chromium or edge, neither of which suffer from the same issue (so far).

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.