[I am a new user with limited capabilities. When I tried to submit the full report, I was told I had more than 20 links. I only found two full links starting with http[s], so now I am truncating the message to try to get something I can submit.]
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. [removed link]), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: phrancko.com
I ran this command: certbot certificates
It produced this output:
certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /etc/letsencrypt/renewal/phrancko.com-0001.conf produced an unexpected error: renewal config file {} is missing a required file reference. Skipping.
Found the following certs:
Certificate Name: phrancko.com
Domains: phrancko.com blog.phrancko.com www.phrancko.com
Expiry Date: 2019-10-13 15:50:25+00:00 (VALID: 9 days)
Certificate Path: /etc/letsencrypt/live/phrancko.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/phrancko.com/privkey.pem
Certificate Name: www.phrancko.com
Domains: www.phrancko.com phrancko.com
Expiry Date: 2019-12-22 21:19:07+00:00 (VALID: 79 days)
Certificate Path: /etc/letsencrypt/live/www.phrancko.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.phrancko.com/privkey.pem
The following renewal configuration files were invalid:
/etc/letsencrypt/renewal/phrancko.com-0001.conf
My web server is (include version):
apache 2.4 (I think)
The operating system my web server runs on is (include version):
I’m running on AWS. The contents of cat /etc/os-release:
NAME=“Amazon Linux”
VERSION=“2”
ID=“amzn”
ID_LIKE=“centos rhel fedora”
VERSION_ID=“2”
PRETTY_NAME=“Amazon Linux 2”
ANSI_COLOR=“0;33”
CPE_NAME=“cpe:2.3:o:amazon:amazon_linux:2”
HOME_URL="/"
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot 0.26.1
I have successfully renewed the certification for www.phrancko.com but the certification for phrancko.com fails. I see from the above output (if I understand it correctly) that my attempt some time in the past to have one certificate that controls both of those domains resulted in two different certificates…
- one for the domains phrancko.com blog.phrancko.com www.phrancko.com
- and the other for www.phrancko.com phrancko.com
As you see the output shows the first certificate needs to be renewed, the second one does not. The domain blog.phrancko.com was never used so earlier today I backed up the letsencrypt directory and rancertbot --name-only blog.phrancko.com delete
(I think it was). Even though it first gave an error message about now renewal directory, it did in fact delete all the other directories that had that name.
So being brave, I tried to delete the entire certificate phrancko.com, hoping that the second certificate for both the live domains would remain and certification would no longer need renewing. However, when I restarted the server, httpd failed to start and told me to run the following command and go this output:
[truncated here…maybe I can send the rest when you respond]