Certificate Expiration on Server

It's actually my server that requires the cert I believe.
I can't log in to my webmin/virtualmin to configure anything unless I use Firefox and make an exception.
I believe the certs may also be linked to my domains? I have around 4-5 domains running from the server, all of these state your information is not secure, I am trying to get this cert added to my server, then I can add HTTPS and make my domains secure :)
I'm not sure if the above makes technical sense but I know what I am trying to say, sorry if it's garbled!

To summarise - https://server.matchedbettingforums.com:9900/ is my webmin/virtualmin which cannot be accessed.

I’m afraid I didn’t really understand what you were saying there.

If you make a test file in /home/matchedb/public_html/test.txt, can you see it at http://server.matchedbettingforums.com/text.txt in a browser? If not, we can look further into your web server configuration for other hints.

I have tried this but got a page not found error again.

Interesting, I got this info from Firefox reg. my certificate

  • It’s self signed
  • It’s only valid for domain.com

(My server I am trying to access is server.domain)

Would you be willing to post the contents of /etc/httpd/conf/httpd.conf? Hopefully it doesn’t contain anything confidential.

Yes I can get this now. Is there anything I should be looking to edit out on a public forum, passwords etc?

Coming over shortly. I appreciate the help.

EDIT: Sent VIA DM.

That is a rather complex configuration!

So I think what you were saying now makes sense to me, which is that you have no VirtualHost for server.matchedbettingforums.com listening on port 80.

I am really not sure what your developer originally did to obtain this certificate, but my guess is perhaps obtaining it with a relatively simple default Apache configuration, and then adding all of this complexity with many different VirtualHosts after the certificate was already in place. A challenge now is that the renewal process still wants to make an inbound connection on port 80 and ask for a file within http://server.matchedbettingforums.com/.well-known/acme-challenge/, but no VirtualHost is really appropriate for that. (It does seem to fall back to a default VirtualHost in this case, but I’m not positive which one that is.)

I don’t know enough about Apache configuration to tell you directly how to set up the VirtualHost that you ought to have in order to make the renewal work. So, I would suggest one of the following courses of action:

  • Study a lot more about Apache configuration from online tutorials and documentation
  • Start a new thread here that emphasizes something like “Elaborate Apache VirtualHost configuration manually set up after original Certbot use” in the topic, in the hope that other people on the forum can be more helpful
  • Hire a new developer to fix things
  • Or, you can switch to the standalone authentication method if you’re willing to shut down your web server temporarily during the renewal process, taking it offline for everyone for all purposes for typically about 10-30 seconds about every two months

I didn’t think it would be easy!

I will try and post a thread to see who has Apache experience :)

Would it be very difficult to start a server from scratch (providing I read up on this) to stop me from relying on developer costs?
I have no experience with server work, but willing to learn as it’s really interesting!
I do lots of website coding but that’s obviously a walk in the park, compared to this real coding!

Regarding switching to a standalone, how would this work? Does it physically stop all of my website processes? I run a NodeBB forum which is a bit of a pain to get going if it ‘stops’, ./restart nodebb doesn't seem to kick it up.
10-30 seconds is fine as I could do it after midnight!

Thanks

Yes, you have to stop Apache and then renew the certificate and then restart Apache. (You don't necessarily have to do this manually; it can be done with the --pre-hook and --post-hook in the certbot renew command line.)

That might be a nice experience if you have some free time, although you might end up re-doing some parts of the work your developer previously did.

You would have to physically stop Apache (so Certbot can run its built-in web server for a few seconds). Other web applications don't inherently have to stop, but it's possible the OS "stop Apache" scripts would do it anyway.
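
The diagnosis reached in this thread (no VirtualHost names the hostname on port 80, so the renewal request for `/.well-known/acme-challenge/` lands on a default VirtualHost) can be checked mechanically before a renewal is attempted. The following is an added example, not part of any post and not Certbot's or Apache's own code; the sample configuration and function names are constructed, and files pulled in with `Include` are not followed.

```python
import re
from fnmatch import fnmatchcase

# Constructed sample configuration (not the poster's httpd.conf, which was sent by DM).
SAMPLE_CONF = """
Listen 80
<VirtualHost *:80>
    ServerName www.example.org
    ServerAlias example.org *.cdn.example.org
    DocumentRoot /var/www/example
</VirtualHost>
# <VirtualHost *:80>
#     ServerName server.example.org
# </VirtualHost>
<VirtualHost 192.0.2.10:443>
    ServerName server.example.org
    SSLEngine on
</VirtualHost>
"""

VHOST_OPEN = re.compile(r"<VirtualHost\s+([^>]+)>", re.I)

def parse_vhosts(conf):
    """Return one {'ports': set, 'names': list} dict per VirtualHost block."""
    vhosts, current = [], None
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # Apache comments are whole lines
            continue
        m = VHOST_OPEN.match(line)
        if m:
            # "*:80" -> "80"; an address with no port yields an empty set (any port)
            ports = {a.rsplit(":", 1)[-1] for a in m.group(1).split() if ":" in a}
            current = {"ports": ports, "names": []}
        elif line.lower().startswith("</virtualhost") and current is not None:
            vhosts.append(current)
            current = None
        elif current is not None:
            parts = line.split()
            if parts[0].lower() in ("servername", "serveralias"):
                current["names"] += [p.lower() for p in parts[1:]]
    return vhosts

def covering_vhosts(conf, host, port="80"):
    """VirtualHosts on `port` whose ServerName/ServerAlias matches `host`."""
    host = host.lower()
    return [v for v in parse_vhosts(conf)
            if (not v["ports"] or port in v["ports"] or "*" in v["ports"])
            and any(fnmatchcase(host, n) for n in v["names"])]

if __name__ == "__main__":
    for h in ("server.example.org", "img.cdn.example.org"):
        print(h, "->", "covered" if covering_vhosts(SAMPLE_CONF, h) else "no port-80 VirtualHost")
```

An empty result for the hostname on the certificate means the HTTP challenge request will be answered by whichever VirtualHost Apache treats as the default for that address and port.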
