The only issue is when I start the “dry” option on command for auto renewal:
certbot renew --dry-run
I got the following red error:
“Encountered vhost ambiguity but unable to ask for user guidance in non-interactive mode. Currently Certbot needs each vhost to be in its own conf file, and may need vhosts to be explicitly labelled with ServerName or ServerAlias directories.
Falling back to default vhost *:443…”
I use apache, I inserted the ServerName directory inside the conf file, each vhost is in its own conf file.
First question is: will this work anyway when the certificates will actually expire?
I only have 1 vhost for HTTPS and 1 vhost for HTTP in the sites-enabled folder of apache.
Let me add that after the error I posted in the previous message, the certbot gives me this output:
"Waiting for verification…
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0003_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0003_csr-certbot.pem
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/my.web.site/fullchain.pem (success)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)"
If you only have one domain, then falling back to the default should work fine. I had wrongly assumed with “each vhost has it’s own conf file” that you had more than one.