All my sites are down. Can't figure out why!

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: ttlevelup.com

I ran this command: certbot-auto certificates

It produced this output:
Certificate Name: www.ttlevelup.com
Domains: www.ttlevelup.com ttlevelup.com
Expiry Date: 2020-01-08 16:28:15+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/www.ttlevelup.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.ttlevelup.com/privkey.pem

My web server is (include version): apache 2.2.15

The operating system my web server runs on is (include version): CentOS 6.9

My hosting provider, if applicable, is: GCP

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.39.0

Even though the above expiration shows 89 days till expiration, the certificate info in the browser shows yesterday. What could be wrong? I’ve been using LetsEncrypt for several years now without problems.

1 Like

Hi @mdegalli

you have created some certificates - https://check-your-website.server-daten.de/?q=ttlevelup.com

Issuer not before not after Domain names LE-Duplicate next LE
Let’s Encrypt Authority X3 2019-10-10 2020-01-08 ttlevelup.com, www.ttlevelup.com - 2 entries duplicate nr. 1
Let’s Encrypt Authority X3 2019-10-10 2020-01-08 bluemarblesrenovation.com, clinicalcoordination.org, degallier.net, dev.littlelightmedia.com, elisabethdegallier.com, elmersautos.com, fondueapp.com, ideas-inspire.com, janacraft.com, journeytoauthenticity.com, littlelightmedia.com, mildly-minimalist.com, owaarchitects.com, rushcreekltd.com, studentpassport.littlelightmedia.com, t16studios.com, ttlevelup.com, tucsonexplorers.com, vdcpartners.com, winonachristianschool.org, www.bluemarblesrenovation.com, www.clinicalcoordination.org, www.degallier.net, www.elisabethdegallier.com, www.elmersautos.com, www.fondueapp.com, www.ideas-inspire.com, www.janacraft.com, www.journeytoauthenticity.com, www.littlelightmedia.com, www.mildly-minimalist.com, www.owaarchitects.com, www.rushcreekltd.com, www.t16studios.com, www.ttlevelup.com, www.tucsonexplorers.com, www.vdcpartners.com, www.winonachristianschool.org - 38 entries duplicate nr. 2
Let’s Encrypt Authority X3 2019-10-10 2020-01-08 bluemarblesrenovation.com, clinicalcoordination.org, degallier.net, dev.littlelightmedia.com, elisabethdegallier.com, elmersautos.com, fondueapp.com, ideas-inspire.com, janacraft.com, journeytoauthenticity.com, littlelightmedia.com, mildly-minimalist.com, owaarchitects.com, rushcreekltd.com, studentpassport.littlelightmedia.com, t16studios.com, ttlevelup.com, tucsonexplorers.com, vdcpartners.com, winonachristianschool.org, www.bluemarblesrenovation.com, www.clinicalcoordination.org, www.degallier.net, www.elisabethdegallier.com, www.elmersautos.com, www.fondueapp.com, www.ideas-inspire.com, www.janacraft.com, www.journeytoauthenticity.com, www.littlelightmedia.com, www.mildly-minimalist.com, www.owaarchitects.com, www.rushcreekltd.com, www.t16studios.com, www.ttlevelup.com, www.tucsonexplorers.com, www.vdcpartners.com, www.winonachristianschool.org - 38 entries duplicate nr. 1

But you use an older certificate

CN=bluemarblesrenovation.com
	11.07.2019
	09.10.2019
1 days expired	apnpaofmn.littlelightmedia.com, bluemarblesrenovation.com, clinicalcoordination.org, 
degallier.net, dev.littlelightmedia.com, dmlevelup.com, elisabethdegallier.com, elmersautos.com, 
fondueapp.com, ideas-inspire.com, janacraft.com, journeytoauthenticity.com, littlelightmedia.com, 
mildly-minimalist.com, owaarchitects.com, rushcreekltd.com, sl-montana.littlelightmedia.com, 
sl-prelic.littlelightmedia.com, studentpassport.littlelightmedia.com, t16studios.com, ttlevelup.com, 
tucsonexplorers.com, vdcpartners.com, winonachristianschool.org, www.bluemarblesrenovation.com, 
www.clinicalcoordination.org, www.degallier.net, www.dmlevelup.com, www.elisabethdegallier.com, 
www.elmersautos.com, www.fondueapp.com, www.ideas-inspire.com, www.janacraft.com, 
www.journeytoauthenticity.com, www.littlelightmedia.com, www.mildly-minimalist.com, 
www.owaarchitects.com, www.rushcreekltd.com, www.t16studios.com, www.ttlevelup.com, 
www.tucsonexplorers.com, www.vdcpartners.com, www.winonachristianschool.org - 
43 entries

that’s expired.

Perhaps you have to install your new big or your new small certificate.

A different set of domain names -> certbot may not know how to install the certificate if there is no matching vHost.

2 Likes

how do I get rid of these duplicates?

Fixed my problems by pointing all my /etc/httpd/conf.d/[domainname].com-le-ssl.conf to their corresponding /etc/letsencrypt/live/[domain] folders.

NOTES: For some reason, some of the letsencrypt live folders have www… and some do not.
I also wonder, now that each domain is not sharing an over-arching domain … will they renew automatically and correctly? We shall see …

4 Likes

And thank you for your reply! It helped me rethink my approach.

3 Likes

Happy to read you have found a solution :+1:

2 Likes