Hello,
I am trying to renew one of my SSL Certificates.
However the client fails and gives the following output:
[Development-Server] [root] [/home/bleedobsidian/letsencrypt]: letsencrypt-auto certonly -d
www.nebla.co.uk
-d client.nebla.co.uk -d nebla.co.uk
Updating letsencrypt and virtual environment dependencies.......
Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt certonly -dwww.nebla.co.uk
-d client.nebla.co.uk -d nebla.co.uk
Failed authorization procedure. client.nebla.co.uk (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName not found for TLS SNI challenge. Found '.registrar-servers.com, registrar-servers.com',www.nebla.co.uk
(tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName not found for TLS SNI challenge. Found '.registrar-servers.com, registrar-servers.com', nebla.co.uk (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName not found for TLS SNI challenge. Found '*.registrar-servers.com, registrar-servers.com'
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: client.nebla.co.uk
Type: unauthorized
Detail: Correct zName not found for TLS SNI challenge. Found
'*.registrar-servers.com, registrar-servers.com'
Domain:
www.nebla.co.uk
Type: unauthorized
Detail: Correct zName not found for TLS SNI challenge. Found
'*.registrar-servers.com, registrar-servers.com'
Domain: nebla.co.uk
Type: unauthorized
Detail: Correct zName not found for TLS SNI challenge. Found
'*.registrar-servers.com, registrar-servers.com'
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
The website is hosted with another hosting company (Which is why the output is on about '*.registrar-servers.com, registrar-servers.com').
What am I doing wrong? I assume the client is failing to challenge the domain because the certificates don't match up, but how can I fix this? The A records for the domain go to the IP address 37.61.237.49 which is the holder of these different SSL certificates. But how can I get the ACME client to allow the certificate to be renewed.
I've had a good look around for other topics on the forum however most of them are for people running a local web server. Creating a self-signed certificate would not solve anything here.
Thank you for any help.