Certbot incorrect domain?

msacco · July 7, 2023, 12:08pm

Hey, I have some issues with trying to get a new certificate for my domain which is about to expire.
I have in the past issued certificates to 2 domains to test a few things, but it seems like when I try to renew a certificate to 1 domain it somehow redirects to the second domain.
Lets say the actual domain is mydomain.ddns.net, and the second test domain was mydomain2.ddns.net

I have completely removed the mydomain2 records on /etc/letsencrypt, if I run certbot certificates this is the output:

Found the following certs:
Certificate Name: mydomain.ddns.net
Serial Number: 4e222adb68dcd01e48d911afa117f51bc00
Key Type: RSA
Domains: mydomain.ddns.net
Expiry Date: 2023-07-12 21:42:02+00:00 (VALID: 5 days)
Certificate Path: /etc/letsencrypt/live/mydomain.ddns.net/fullchain.pem
Private Key Path: /etc/letsencrypt/live/mydomain.ddns.net/privkey.pem

This is the command I'm using to try to generate a new key(only testing in this case)

certbot certonly --webroot --webroot-path /var/www/openmediavault -d mydomain.ddns.net --dry-run

This is the output I'm getting:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert is due for renewal, auto-renewing...
Simulating renewal of an existing certificate for mydomain.ddns.net
Performing the following challenges:
http-01 challenge for mydomain.ddns.net
Using the webroot path /var/www/openmediavault for all unmatched domains.
Waiting for verification...
Challenge failed for domain mydomain.ddns.net
http-01 challenge for mydomain.ddns.net
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

The following errors were reported by the server:

Domain: mydomain.ddns.net
Type: dns
Detail: xx.xxx.xxx.115: Fetching
https://mydomain2.ddns.net/.well-known/acme-challenge/gWv7odBeLlNUJGlFWmz4AtHQxTtNn5TXGRaUtOvtevw:
no valid A records found for mydomain2.ddns.net; no valid AAAA
records found for mydomain2.ddns.net

I'm not sure why it still tries to go to the other domain, does anyone have any ideas on what I can check?
Thanks.

webprofusion · July 7, 2023, 12:15pm

If you provide your real domain we can probably tell you, but it looks (from your description) like you have a redirection from the first domain to the second domain.

rg305 · July 7, 2023, 4:49pm

It looks like you've jumbled the output.
It shows an IP and then says it can't find an IP ? ? ?

system · August 6, 2023, 4:50pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certbot unable to renew: Invalid response Help	26	1230	April 21, 2023
Renewing multiple domain certificate with certbot Help	12	5109	March 8, 2022
How to add domain to the certificate? Help	12	7682	June 7, 2018
Multi-domain renewal, one domain not pointing to server makes renewal fail Help	3	463	August 5, 2020
Certbot Renew Created a Second Set of Domain-0001 certificates Help	13	9475	February 18, 2019

Certbot incorrect domain?

Related topics