Adding certs for mail and ftp

I have successfully installed a certificate for my website at www greatbluestudios com. (As well as main greatbluestudios com)

Now I am trying to add my mail and ftp servers, which are at mail(dot)greatblustudios(dot)com and ftp(dot)greatbluestudios(dot)com, respectively. I may be misunderstanding what is expected here - I added these lines in my configuration file:

<VirtualHost *:80>
DocumentRoot "/var/www/html"
ServerName main.greatbluestudios.com
ServerAlias www.greatbluestudios.com
ServerAlias mail.hoffmanartdesign.com
ServerAlias ftp.hoffmanartdesign.com
</VirtualHost>

Now when I run the auto procedure, it fails during the challenge stage, I’m sure because the challenge files can’t be properly resolved at the URL with “mail.(…)/.well-known/acme-challenge”. Can you suggest the right process for this?

My domain is: greatbluestudios.com

I ran this command: certbot-auto --apache

It produced this output:

[root@main conf]# /usr/local/bin/certbot-auto --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Which names would you like to activate HTTPS for?


1: main.greatbluestudios. com
2: www.greatbluestudios. com
3: ftp.hoffmanartdesign. com
4: mail.hoffmanartdesign. com


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1,2,3,4


You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/main.greatbluestudios. com.conf)

It contains these names: main.greatbluestudios. com, www.greatbluestudios. com

You requested these names for the new certificate: main.greatbluestudios. com,
www.greatbluestudios. com, ftp.hoffmanartdesign. com, mail.hoffmanartdesign. com.

Do you want to expand and replace this existing certificate with the new
certificate?


(E)xpand/(C)ancel: E
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ftp.hoffmanartdesign. com
http-01 challenge for mail.hoffmanartdesign. com
Waiting for verification...
Challenge failed for domain ftp.hoffmanartdesign. com
Challenge failed for domain mail.hoffmanartdesign. com
http-01 challenge for ftp.hoffmanartdesign. com
http-01 challenge for mail.hoffmanartdesign. com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

My web server is (include version): Apache 2.2.15

The operating system my web server runs on is (include version): Centos 6

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.39.0

The first two names resolve to IP: 199.204.135.124
The second two resolve to IP: 199.204.135.123
[not sure if that is the mix up]
But Apache would need to hear the http challenge requests in order to reply to them.
So, are both IPs being served by the same Apache system (at least the port 80 part)?
Or does http://mail… go directly to the mail server?

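The question raised in the reply (does port 80 for every requested name reach the same Apache?) can be checked before requesting the certificate. The sketch below is an added example, not part of the thread or of Certbot: it assumes Apache answers only on 199.204.135.124, which the thread never confirms, and its lookup table is constructed from the names in the posted config and the addresses quoted in the reply. It checks IPv4 only.

```python
import socket

def resolve_ipv4(name):
    """Live lookup: the set of IPv4 addresses a name resolves to."""
    try:
        infos = socket.getaddrinfo(name, 80, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def http01_preflight(names, webserver_ips, resolver=resolve_ipv4):
    """Map each name to (status, addresses) for an HTTP-01 request.
    ok        - every address belongs to this web server
    split     - only some do, so validation may land on the other host
    elsewhere - none do, so the challenge file cannot be served from here
    no-dns    - the name did not resolve
    """
    webserver_ips = set(webserver_ips)
    report = {}
    for name in names:
        addrs = set(resolver(name))
        if not addrs:
            status = "no-dns"
        elif addrs <= webserver_ips:
            status = "ok"
        elif addrs & webserver_ips:
            status = "split"
        else:
            status = "elsewhere"
        report[name] = (status, sorted(addrs))
    return report

def requestable(report):
    # Names whose port-80 traffic is certain to reach this web server.
    return [name for name, (status, _) in report.items() if status == "ok"]

# Constructed lookup table: names from the posted config, addresses from the reply.
SAMPLE_DNS = {
    "main.greatbluestudios.com": {"199.204.135.124"},
    "www.greatbluestudios.com": {"199.204.135.124"},
    "ftp.hoffmanartdesign.com": {"199.204.135.123"},
    "mail.hoffmanartdesign.com": {"199.204.135.123"},
}
ASSUMED_APACHE_IPS = {"199.204.135.124"}  # assumption: not confirmed in the thread

if __name__ == "__main__":
    lookup = lambda n: SAMPLE_DNS.get(n, set())  # offline stand-in for DNS
    for name, (status, addrs) in http01_preflight(SAMPLE_DNS, ASSUMED_APACHE_IPS, lookup).items():
        print(f"{name:28} {status:10} {', '.join(addrs)}")
```

Dropping the `resolver` argument makes the same check use live DNS through `resolve_ipv4`.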