Certbot not showing all ServerName and ServerAlias domains from Apache configuration

My domain is: josvlaar.com + 8 others

I ran this command: sudo certbot --apache

It produced this output: a list of 13 hosts to enable SSL for, though I have 27 ServerName and ServerAlias directives set up in the Apache configuration files. Why it shows 13 of them, why the same 13 every time and why not any of the 14 others is beyond me. The hosts certbot shows and doesn't show are configured in the same way in the same configuration files.

The ServerName and ServerAlias records are set up in the same virtualhost as follows:
ServerName domain1.com
ServerAlias www.domain1.com
ServerName domain2.com
ServerAlias www.domain2.com
And so forth

The test subdomains are all put in a different virtualhost like so:
ServerName test.domain1.com
ServerName test.domain2.com
And so forth

Apart from the above configuration for the 8 other domains, I also have josvlaar.com, www.josvlaar.com and test.josvlaar.com set up the same way in 2 other virtualhosts. So that makes it 4 virtualhosts in total that the records are spread over. Apache says my config syntax is OK.

My web server is (include version): Apache 2

The operating system my web server runs on is (include version): Ubuntu 22.04

My hosting provider, if applicable, is: Strato

My DNS provider is Cloudflare. I have 3 DNS records set up (as DNS only) for every domain: an A record for domain.com and test.domain.com and a CNAME record for www.domain.com.

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.21.0

My question is: how could it be possible that certbot only shows/detects half of the ServerName and ServerAlias domains configured? Could it have anything to do with Cloudflare?

Thank you for your time!

The Certbot --apache plugin looks at your local Apache config directly. It would not be affected by the DNS settings.

What does this show?

sudo apache2ctl -t -D DUMP_VHOSTS
2 Likes

It shows the following. These are indeed the same hosts/domains certbot also shows...

VirtualHost configuration:
*:80 is a NameVirtualHost
default server domain8.com (/etc/apache2/sites-enabled/ictmee.conf:1)
port 80 namevhost domain8.com (/etc/apache2/sites-enabled/ictmee.conf:1)
alias www.domain1.com
alias www.domain2.com
alias www.domain3.com
alias www.domain4.com
alias www.domain5.com
alias www.domain6.com
alias www.domain7.com
alias www.domain8.com
port 80 namevhost test.domain8.com (/etc/apache2/sites-enabled/ictmeetest.conf:1)
port 80 namevhost josvlaar.com (/etc/apache2/sites-enabled/josvlaar.conf:1)
alias www.josvlaar.com
port 80 namevhost test.josvlaar.com (/etc/apache2/sites-enabled/josvlaartest.conf:1)

Then are you sure all those other names are in VirtualHost files that are in sites-enabled conf files? (compared to sites-available?)

3 Likes

Yes, the hostnames not showing are set up in the same config files/virtualhosts in both sites-enabled and sites-available folders. They are also configured the exact same way (same notation).

Can anybody reproduce my problem?

I think it's odd that domain8.com would show up 3 times in the above output, while the other 7 only show the www alias...

Also, why is domain8.com listed as default server? I have not set that up anywhere...

It looks like Apache is picking only the bottom ServerName in all virtualhosts (ignoring the others), and it does pick all ServerAliases.

Bottom ServerName? There should only be one of those in each VirtualHost along with related ServerAlias if any. You might want to review the Apache docs or visit an Apache support forum.

Unless a specific one is defined, the first one becomes the default. This is normal Apache behavior.

It does not show up 3 times. That root name only shows up once and two subdomains of it show up (www as an alias and test as its own VirtualHost).

3 Likes

That solved it, thank you! Strange though that Apache would say my config syntax was OK with multiple ServerNames configured within a single VirtualHost...

2 Likes
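
Since the syntax check accepted the configuration that caused this, a small lint can catch it before running certbot. The following is an added example, not part of the original thread and not Certbot or Apache code: it flags any VirtualHost block with more than one ServerName and reports which names are ignored, taking the last one as effective as seen in the DUMP_VHOSTS output above. The function name and sample config are constructed for illustration, and the parser assumes one directive per line and does not follow Include directives.

```python
import re

# Constructed sample mirroring the layout described in the thread.
SAMPLE_CONF = """\
<VirtualHost *:80>
    ServerName domain1.com
    ServerAlias www.domain1.com
    ServerName domain2.com
    ServerAlias www.domain2.com
</VirtualHost>
<VirtualHost *:80>
    ServerName josvlaar.com
    ServerAlias www.josvlaar.com
</VirtualHost>
"""

OPEN = re.compile(r"^\s*<VirtualHost\b", re.I)
CLOSE = re.compile(r"^\s*</VirtualHost\s*>", re.I)
NAME = re.compile(r"^\s*ServerName\s+(\S+)", re.I)

def find_shadowed_server_names(conf_text, path="<inline>"):
    """Return one finding per <VirtualHost> block holding several ServerName lines."""
    findings, block = [], None
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        if line.lstrip().startswith("#"):  # commented-out directives do not count
            continue
        if OPEN.match(line):
            block = {"path": path, "line": lineno, "names": []}
        elif CLOSE.match(line):
            if block and len(block["names"]) > 1:
                # Assumption taken from the thread: the bottom ServerName wins.
                block["effective"] = block["names"][-1]
                block["shadowed"] = block["names"][:-1]
                findings.append(block)
            block = None
        elif block is not None and NAME.match(line):
            block["names"].append(NAME.match(line).group(1))
    return findings

if __name__ == "__main__":
    import sys
    # Check the files given as arguments, or the constructed sample if none.
    sources = [(p, open(p).read()) for p in sys.argv[1:]] or [("<sample>", SAMPLE_CONF)]
    for path, text in sources:
        for f in find_shadowed_server_names(text, path):
            print(f"{path}:{f['line']}: uses {f['effective']}, ignores {', '.join(f['shadowed'])}")
```

Run it with the files in /etc/apache2/sites-enabled/ as arguments; every name it reports as ignored needs its own VirtualHost or a ServerAlias entry before certbot --apache will list it.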