Hello. I’m relatively new to Linux after 20 years developing for the Windows environment. We lease an EC2 server from Amazon AWS. We have 2 different websites on the server which runs Ubuntu 16.04 and Nginx 1.10.3. I placed the first website (email.causeaction.com and mail.causeaction.com) in the path /var/www/html because at the time I thought that it would be the only PHP web application we would host there. I placed the 2nd website (causeaction.com and www.causeaction.com) in the path /var/www/causeaction.com/html.
I had created the certificate for email.causeaction.com a while ago and it works fine. I do NOT remember the syntax I used to create it. I was wondering if there is a Certbot command to “reconstruct” the command syntax I used to create that certificate? But that is a separate question.
Here is the syntax I used to create the latest certficiate, which is NOT being recognized by web browsers.
certbot certonly --webroot -w /var/www/causeaction.com/html -d www.causeaction.com -d causeaction.com
Here is the output from the “certbot certificates” command.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Found the following certs:
Certificate Name: email.causeaction.com
Domains: email.causeaction.com mailer.causeaction.com
Expiry Date: 2018-06-16 23:33:13+00:00 (VALID: 64 days)
Certificate Path: /etc/letsencrypt/live/email.causeaction.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/email.causeaction.com/privkey.pem
Certificate Name: www.causeaction.com
Domains: www.causeaction.com causeaction.com
Expiry Date: 2018-07-11 14:30:55+00:00 (VALID: 88 days)
Certificate Path: /etc/letsencrypt/live/www.causeaction.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.causeaction.com/privkey.pem
When I go to https://causeaction.com I get the Warning from Firefox that there is no valid certificate.
I click on Advanced and see this message.
So it is looking at the FIRST certificate and ignoring the 2nd.
Does anyone have a suggestion on how to remedy this?
I don’t want to make a mistake and ruin the current GOOD certificate for “email.causeaction.com” because that is a very busy website.
So if I could re-create the Certbot Syntxx used to generate the first Certificate that is being recognized by the Browser, then I will just add the other domain names to a single certificate. But if I could keep them separate, because they are indeed very different websites, that might be a better solution.
Thanks for any help.