My domain is: vmln-1.shroyerco.com
I ran this command: certbot renew --cert-name vmln-1.shroyerco.com -i apache --dry-run
It produced this output: Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/vmln-1.shroyerco.com.conf
Simulating renewal of an existing certificate for vmln-1.shroyerco.com and www.vmln-1.shroyerco.com
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: www.vmln-1.shroyerco.com
Type: connection
Detail: 132.147.1.135: Fetching http://www.vmln-1.shroyerco.com/.well-known/acme-challenge/OUywTv7Q9D0JeRYbTcKv5HOAKadoeKFytQLxcLR6iHY: Error getting validation data
Domain: vmln-1.shroyerco.com
Type: connection
Detail: 132.147.1.135: Fetching http://vmln-1.shroyerco.com/.well-known/acme-challenge/J4ZpROAlpGnPwjzk6fjAjC-etj5OQI18L8pkCKNOfF4: Error getting validation data
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Failed to renew certificate vmln-1.shroyerco.com with error: Some challenges have failed.
All simulated renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/vmln-1.shroyerco.com/fullchain.pem (failure)
My web server is (include version):
httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Nov 16 2020 16:18:20
The operating system my web server runs on is (include version):
Centos 7
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): more info
I have 3 websites using letsEncrypt certificates
/usr/bin/certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Found the following certs:
Certificate Name: bossdatacenters.com
Serial Number: 4d2f809d6c0de41fc55ff00529fc46c8196
Key Type: RSA
Domains: bossdatacenters.com www.bossdatacenters.com
Expiry Date: 2023-01-08 12:47:14+00:00 (VALID: 61 days)
Certificate Path: /etc/letsencrypt/live/bossdatacenters.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/bossdatacenters.com/privkey.pem
Certificate Name: vmln-1.shroyerco.com
Serial Number: 49a83e945651d034350c8f89b3925e94f16
Key Type: RSA
Domains: vmln-1.shroyerco.com www.vmln-1.shroyerco.com
Expiry Date: 2022-11-29 14:55:06+00:00 (VALID: 21 days)
Certificate Path: /etc/letsencrypt/live/vmln-1.shroyerco.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/vmln-1.shroyerco.com/privkey.pem
Certificate Name: www.shroyerelectric.com
Serial Number: 3f8b5809b29d8faba921873efc9704ee243
Key Type: RSA
Domains: www.shroyerelectric.com shroyerelectric.com
Expiry Date: 2022-11-30 10:23:04+00:00 (VALID: 22 days)
Certificate Path: /etc/letsencrypt/live/www.shroyerelectric.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.shroyerelectric.com/privkey.pem
vmln-1.shroyerco.com & www.shroyerelectric.com will not renew
bossdatacenters.com works?
dig +short a vmln-1.shroyerco.com
132.147.1.135
dig +short a www.vmln-1.shroyerco.com
132.147.1.135
dig +short a bossdatacenters.com
132.147.1.137
dig +short a www.bossdatacenters.com
bossdatacenters.com.
132.147.1.137
curl -I vmln-1.shroyerco.com
HTTP/1.1 302 Found
Date: Mon, 07 Nov 2022 18:18:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_gssapi/1.5.1 mod_fcgid/2.3.9 mod_nss/1.0.14 NSS/3.28.4 mod_wsgi/3.4 Python/2.7.5 PHP/7.3.29
X-Powered-By: PHP/7.3.29
Set-Cookie: PHPSESSID=6c30bec241d42fff15aa7ca23678e45d; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: /auth/logout.php
Content-Type: text/html; charset=UTF-8
sudo apachectl -S
VirtualHost configuration:
10.168.1.149:80 vmln-1.shroyerco.com (/etc/httpd/conf.d/domain.com.conf:9)
10.168.1.149:443 vmln-1.shroyerco.com (/etc/httpd/conf.d/ssl.conf:60)
10.168.1.102:443 www.bossdatacenters.com (/etc/httpd/conf.d/domain.com-le-ssl.conf:14)
10.168.1.102:80 www.bossdatacenters.com (/etc/httpd/conf.d/domain.com.conf:14)
10.168.1.126:443 www.shroyerelectric.com (/etc/httpd/conf.d/domain.com-le-ssl.conf:2)
10.168.1.126:80 www.shroyerelectric.com (/etc/httpd/conf.d/domain.com.conf:1)
*:8443 10.168.1.149 (/etc/httpd/conf.d/nss.conf:84)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/home/shroyerco/www/"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex fcgid-proctbl: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex fcgid-pipe: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="shroyerco" id=1010
Group: name="shroyerco" id=1010
bossdatacenters.com works
certbot renew --cert-name bossdatacenters.com -i apache --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/bossdatacenters.com.conf
Simulating renewal of an existing certificate for bossdatacenters.com and www.bossdatacenters.com
Congratulations, all simulated renewals succeeded:
/etc/letsencrypt/live/bossdatacenters.com/fullchain.pem (success)
certbot renew --cert-name vmln-1.shroyerco.com -i apache --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/vmln-1.shroyerco.com.conf
It was working the past few months then the domain vmln-1.shroyerco.com stopped renewing.
thanks for any help