Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: yeshurunfarm.com
I ran this command: sudo certbot certonly --webroot -w /var/www/html -d yeshurunfarm.com -d www.yeshurunfarm.com -d mail.yeshurunfarm.com
It produced this output:
My web server is (include version): Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/www.yeshurunfarm.com.conf)
It contains these names: www.yeshurunfarm.com
You requested these names for the new certificate: yeshurunfarm.com,
www.yeshurunfarm.com, mail.yeshurunfarm.com.
Do you want to expand and replace this existing certificate with the new
certificate?
(E)xpand/(C)ancel: E
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for mail.yeshurunfarm.com
http-01 challenge for yeshurunfarm.com
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification...
Challenge failed for domain mail.yeshurunfarm.com
Challenge failed for domain yeshurunfarm.com
http-01 challenge for mail.yeshurunfarm.com
http-01 challenge for yeshurunfarm.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: mail.yeshurunfarm.com
Type: unauthorized
Detail: 98.174.244.227: Invalid response from
http://mail.yeshurunfarm.com/.well-known/acme-challenge/3iBttKZKNHfc5AiGR4wSwyNrPi0U53c8PB6_6nPu4zA:
404Domain: yeshurunfarm.com
Type: unauthorized
Detail: 98.174.244.227: Invalid response from
https://www.yeshurunfarm.com/: "\n<html
lang="en-US">\n\n\n <meta charset="UTF-8">\n <meta
name="viewport" content="width=device-width, in"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
loveofyah@www:~$
The operating system my web server runs on is (include version): Ubunt 22.04
My hosting provider, if applicable, is: self
I can login to a root shell on my machine (yes or no, or I don't know):yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no provider
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.40.0
I have A records for the certificate I want to expand but certbot doesn't seem to recognize them. Also my web server was redirecting all traffic to https however I have it redirect all traffic except for ./well-known/ . How do I get certbot to expand on the certificate?.
