ServerName wx.schamschula.com
ServerAlias 173-26-107-252.client.mchsi.com
Their FQDN already points to your IP.
That makes sense! The earlier post seemed to imply this was a DNS change.
I've added it to wx.schamschula.com and restarted apache.
OK, what has been done?
What is still pending?
In short, we need 3 names [checked]
and two webroots/DocumentRoots [not checked]
I did add a webroot for solar (see above). It brings up some related web content for the moment.
I don't see it (can't find the tree within the forest).
Just give me the DocumentRoot line used and we can get you a cert.
I set DocumentRoot for solar.schamschula.com to /usr/local/www/apache24/data/solar
Ok, let's go for broke!
Try (copy all the lines and execute them as one command):
certbot certonly --cert-name temp3 --webroot \
-w /usr/local/www/apache24/data/solar -d solar.schamschula.com \
-w /usr/local/www/apache24/data -d wx.schamschula.com \
-w /usr/local/www/apache24/data -d 173-26-107-252.client.mchsi.com
Should I first stop apache? I'll definitely disable ipfw.
No, the whole point of using --webroot is NOT having to stop the web server.
You only need to allow inbound HTTP [TCP/80]
My script normally does that.
This is what I got
Requesting a certificate for solar.schamschula.com and 2 more domains
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: 173-26-107-252.client.mchsi.com
Type: unauthorized
Detail: 132.226.38.239: Invalid response from http://173-26-107-252.client.mchsi.com/maintenance.php: "\n<html xmlns="http:"
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
Some challenges have failed.
Please show the HTTP server block that includes that name/alias.
<VirtualHost *:80>
ServerAdmin marius@schamschula.com
DocumentRoot "/usr/local/www/apache24/data"
ServerName wx.schamschula.com
ServerAlias 173-26-107-252.client.mchsi.com
ErrorLog "/var/log/httpd-error.log"
CustomLog "/var/log/httpd-access.log"
<Directory "/usr/local/www/apache24/data">
#Include /usr/local/etc/apache24/extra/httpd-rewrite.conf
Options Indexes FollowSymLinks
AllowOverride All
RewriteEngine On
# IP ranges
Include /usr/local/etc/apache24/extra/ip.conf
</Directory>
</VirtualHost>
Did you restart Apache?
Yes, indeed!
OH WTF ?
Someone messed with the IP!!!!!
Name: 173-26-107-252.client.mchsi.com
Address: 132.226.38.239
Let's not use the ISP's address. I've set up test.schamschula.com as a CNAME for wx.schamschula.com. Also I need to temporarily disable forwarding of the default index page to Dreamhost. This might be what happened here.
OK, that would also do the trick!
You need to add it as the alias in the vhost config [replacing "173-26-107-252.client.mchsi.com"]
Make sure to "test it first" - append "--dry-run"
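
A pre-flight check for the failure seen in this thread (the alias resolving to 132.226.38.239 and the request ending up at maintenance.php), added here as an example and not part of the original posts: it confirms that each name resolves to the server's own address and that a file written under the webroot's .well-known/acme-challenge/ directory comes back unchanged over HTTP. The function names, the EXPECTED_IP and DOMAIN=WEBROOT argument form, and the use of the local resolver (which may differ from what the CA sees) are assumptions of this example.

```python
import secrets
import socket
import sys
import urllib.request
from pathlib import Path


def resolves_to(domain, expected_ip, resolver=socket.getaddrinfo):
    """True only if every address the name resolves to is our server's IP."""
    infos = resolver(domain, 80, proto=socket.IPPROTO_TCP)
    addrs = sorted({info[4][0] for info in infos})
    return bool(addrs) and all(a == expected_ip for a in addrs), addrs


def http_fetch(url):
    """Fetch over plain HTTP, following redirects as the CA's validator does."""
    with urllib.request.urlopen(url, timeout=10) as resp:
        return resp.geturl(), resp.read(4096).decode("utf-8", "replace")


def probe_webroot(domain, webroot, fetch=http_fetch):
    """Write a probe where certbot --webroot writes, then fetch it back."""
    token = "preflight-" + secrets.token_hex(8)
    challenge_dir = Path(webroot) / ".well-known" / "acme-challenge"
    challenge_dir.mkdir(parents=True, exist_ok=True)
    probe = challenge_dir / token
    probe.write_text(token)
    try:
        final_url, body = fetch(f"http://{domain}/.well-known/acme-challenge/{token}")
    except OSError as exc:  # DNS failure, refused connection, HTTP 4xx/5xx
        return False, f"fetch failed: {exc}"
    finally:
        probe.unlink()  # never leave probe files behind in the webroot
    if body.strip() != token:
        return False, f"wrong content served from {final_url}"
    return True, final_url


if __name__ == "__main__":
    # usage (hypothetical): preflight.py EXPECTED_IP DOMAIN=WEBROOT [DOMAIN=WEBROOT ...]
    expected_ip = sys.argv[1]
    for pair in sys.argv[2:]:
        domain, webroot = pair.split("=", 1)
        dns_ok, addrs = resolves_to(domain, expected_ip)
        web_ok, detail = probe_webroot(domain, webroot) if dns_ok else (False, "skipped")
        print(f"{domain}: dns={addrs} {'ok' if dns_ok else 'MISMATCH'}; webroot={detail}")
```

A DNS mismatch or a "wrong content served" result means certbot's webroot challenge for that name would fail the same way, so fix the record or the redirect before requesting the certificate.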