I’m trying to add a new hostname to my server.
At this moment, I have two host name, both certified with certbot-letsencrypt: new-plat11.ddns.net new-plat11sim01.ddns.net
I want to add the new hostname: new-plat123.ddns.net
Please, can you tell me exctly what is the line command I have to enter for doing that?
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for new-plat123.ddns.net
Using the webroot path /var/www/html-123 for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. new-plat123.ddns.net (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://new-plat123.ddns.net/.well-known/acme-challenge/GRcinsnJJW3BlVnfnLOWjO7sfjJ8dljyEagj7KAaddc: “\n\n404 Not Found\n\n
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Hi JuergenAuer,
thank you for your answer!
I tried as you said, but it seems it doesn’t work!
I made the certification with the other two hostnames some months ago and, now, I don’t remember what exactly I did.
Maybe, when I made the certification, I said to redirect all the request from port 80 to secure port 443, without personally changing any apache configuration files.
If you mean that for redirection, now I don’t know exactly where I can go and what I can do in order to properly redirect!
Can you suggest me something?
Thank!
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request’s Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName new-plat123.ddns.net
ServerAdmin webmaster@new-plat123.ddns.net
DocumentRoot /var/www/html-123
ServerAlias www.new-plat123.ddns.net
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
LogLevel info
ErrorLog ${APACHE_LOG_DIR}/error_123.log
CustomLog ${APACHE_LOG_DIR}/access_123.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
OK! Now is working!
I deleted the last lines with the Rewrite directives, disabled and then (re-)enabled the new config file, restarted apache server, regave the certbot command and…
all is working!
Thank you Juergen!
This sounds like the HTTP root and the HTTPS root are different.
Certbot will place the challenge file at the HTTP --webroot/.well-known/acme-challenge/ folder.
But when the HTTP server block redirects to HTTPS, then they must match.
NOTE: Even if an HTTPS block for this name does NOT yet exist, Apache will still serve the content from the default HTTPS vhost. [which may have another document root - and cause this to fail]
Moral: Don't forward to HTTPS before having configured an HTTPS server block [which requires a cert - so don't to use HTTPS before obtaining the cert for it].