Certbot - Cannot Expand Certificate


#1

I am currently under some problems with certbot.

I am using debian 9, and I could install the certificates to www.$$.org without any trouble. However when connect using $$.org firefox says connection not secure.

I had run the command:

certbot --apache -d $$.org -d www.$$.org

and it gives the following error:

Cleaning up challenges
Failed authorization procedure. $$.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://$$.org/.well-known/acme-challenge/osVsdhjashas4: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: $$.org
   Type:   unauthorized
   Detail: Invalid response from
   http://$$.org/.well-known/acme-challenge/okasjakjsaksjaskajsaas:
   "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
   <html><head>
   <title>404 Not Found</title>
   </head><body>
   <h1>Not Found</h1>
   <p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

I already tried to redirect all $$.org to www.$$.org, and it works but only if I put something like http://$$.org/something it redirects to https://www.$$.org/something

but http://$$.org/ does not redirect to https://www.$$.org/ but to https://$$.org/, and the firefox error comes along again.

Also if I do https://$$.org/something it does NOT redirect to https://www.$$.org/something, and the firefox error comes along again.

Any idea what may be happening?

This is my www.$$.org.conf

<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin something@$$.com
        ServerName $$.com
        ServerAlias www.$$.com
        DocumentRoot /var/www/fdssd/root

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =$$.org [OR]
RewriteCond %{SERVER_NAME} =www.$$.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

and this is my $$.org.conf

<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin somthing@$$.com
        ServerName $$.org
        ServerAlias www.$$.org
        DocumentRoot /var/www/sdsds/root

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf


</VirtualHost>

#2

You won’t change the domain name with this redirect. It will always redirect to https:// but keep the initial domain name.
Try to name your redirect target domain directly:

RewriteCond %{SERVER_NAME} =$$.org [OR]
RewriteCond %{SERVER_NAME} =www.$$.org
RewriteRule ^ https://www.$$.org%{REQUEST_URI} [END,NE,R=permanent]

If this does not work, show the affected domain name instead of $$.org, otherwise helping you is just looking into crystal balls.


#3

Well, I don’t know why, but the problem seems to be due to a subdomain. test.$$.org… Now, i deleted the test.subdomain.$$.org.com-le-ssl.conf and rerun the command it worked.

But now, everytime I use test.$$.org it goes to $$.org root directory, not the test directory

any idea?


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.