Adding a second SSL certificate to existing VPS

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: ai.update.team

I ran this command: sudo certbot certonly --cert-name ai.update.team --key-type rsa --webroot -w /var/www/html -d ai.update.team -d ai.update.team -d update.solutions -d update.solutions

It produced this output: Invalid response from https://ai.update.team/.well-known/acme-challenge/PClN2efLbxySUqbNpp_IT6Y7MDWk6nQG50me0zjFAKo: 404
My web server is (include version): vps ubuntu 22.04 nginx

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: hostinger

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.21.0

3

Hi @aaureli, and welcome to the LE community forum :slight_smile:

Since this is going to be a second cert, let's review the current cert status.
Please show:

sudo certbot certificates

Please also verify:

  • all names resolve to the expected IP address(es)
  • that HTTP access is allowed

Also...

That is NOT the recommended version for:

Please follow the installation guide:

Certbot (eff.org)

3 Likes
4

Thanks @rg305 for your reply. Here are the results :

Found the following certs:
  Certificate Name: ai.update.team
    Serial Number: 403b20bc5dc656b854744120f86a73edb5d
    Key Type: ECDSA
    Domains: ai.update.team
    Expiry Date: 2023-12-25 14:56:00+00:00 (VALID: 52 days)
    Certificate Path: /etc/letsencrypt/live/ai.update.team/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/ai.update.team/privkey.pem

Whats certbot version I should use for ubuntu 22.04 ?

5

It is currently 2.7.4
[available via snap]

3 Likes
6

There are a couple of "things" that make that request less than optimal:

  • the request is for an RSA cert
    the current cert uses ECDSA:
    Key Type: ECDSA
    that is not a problem - the problem is that you are requesting the exact same cert name
    --cert-name ai.update.team
    should this request succeed, it would replace/delete the current cert with that exact same name:
    Certificate Name: ai.update.team

  • the request asks for four names:
    -d ai.update.team -d ai.update.team -d update.solutions -d update.solutions
    but both names are repeated twice
    ...so, that should be only two names: -d ai.update.team -d update.solutions

3 Likes
7

can not install certbot from snap I got : system does not fully support snapd: cannot mount squashfs image using "squashfs": mount:
/tmp/syscheck-mountpoint-726408326: mount failed: Operation not permitted.
so I installed with apt-get simply, so the version is old...

1 Like
8

I resolved ! Thanks for your kind help @rg305

2 Likes
9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.