I’m installing certbot on a CentOS 6.9 / apache system. This machine is hosting several domains; my main httpd.conf file has Include files that pull in the specifications for each of the domains. When I run certbot to create the certificates, all of the domains work in https EXCEPT for one, for which I had long ago created a self-signed certificate. When I try to go to this site – we’ll call it https://linux.example.com – I get a browser complaint on the order of "This connection is not private (Safari) or some such; digging further, I can check the certificate that the browser is complaining about, and it’s the old, self-signed one. It seems to be a valid certificate; it’s just the wrong one.
The contents of the certbot-created linux-le-ssl.conf file look correct – they’re pointing to the same newly-created certificate all the other domains are using. The virtual host definition of linux2 is about as vanilla as it can be –
<VirtualHost *:80>
ServerName linux.example.com
ServerAlias linux.example.com
DocumentRoot /var/www/html/linux
CustomLog /var/log/httpd/linux-log combined
ErrorLog /var/log/httpd/linux-error-log
RewriteEngine on
RewriteCond %{SERVER_NAME} =linux.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [L,NE,R=permanent]
</VirtualHost>
I guess I need to disable the old self-signed certificate and let the new one take over, but I’m not at all sure how to do that (or if that’s even the right thing). Any advice out there? Thanks!