Adding certs for mail and ftp

I have successfully installed a certificate for my website at www greatbluestudios com. (As well as main greatbluestudios com)

Now I am trying to add my mail and ftp servers, which are at mail(dot)greatblustudios(dot)com and ftp(dot)greatbluestudios(dot)com, respectively. I may be misunderstanding what is expected here - I added these lines in my configuration file:

<VirtualHost *:80>
DocumentRoot “/var/www/html”

Now when I run the auto procedure, it fails during the challenge stage, I’m sure because the challenge files can’t be properly resolved at the URL with “mail.(…)/.well-known/acme-challenge”. Can you suggest the right process for this?

My domain is:

I ran this command: certbot-auto --apache

It produced this output:

[root@main conf]# /usr/local/bin/certbot-auto --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Which names would you like to activate HTTPS for?

1: main.greatbluestudios. com
2: www.greatbluestudios. com
3: ftp.hoffmanartdesign. com
4: mail.hoffmanartdesign. com

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1,2,3,4

You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/main.greatbluestudios. com.conf)

It contains these names: main.greatbluestudios. com, www.greatbluestudios. com

You requested these names for the new certificate: main.greatbluestudios. com,
www.greatbluestudios. com, ftp.hoffmanartdesign. com, mail.hoffmanartdesign. com.

Do you want to expand and replace this existing certificate with the new

(E)xpand/©ancel: E
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ftp.hoffmanartdesign. com
http-01 challenge for mail.hoffmanartdesign. com
Waiting for verification…
Challenge failed for domain ftp.hoffmanartdesign. com
Challenge failed for domain mail.hoffmanartdesign. com
http-01 challenge for ftp.hoffmanartdesign. com
http-01 challenge for mail.hoffmanartdesign. com
Cleaning up challenges
Some challenges have failed.


My web server is (include version): Apache 2.2.15

The operating system my web server runs on is (include version): Centos 6

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.39.0

1 Like

The first two names resolve to IP:
The second two resolve to IP:
[not sure it that is the mix up]
But Apache would need to hear the http challenge requests in order to reply to them.
So, are both IPs being served by the same Apache system (at least the port 80 part) ?
Or does http://mail… go directly to the mail server?

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.