Certificate stopped working

My domain is: arshift.com

My web server is (include version): digitalocean

The operating system my web server runs on is (include version): ubuntu 16.0.4

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

I installed the certificate on a new VPS, transferred the domain name from a different VPS. Everything worked fine for a week or so, but now it stopped working. The certificates are not overdue or anything. I’m completely new to this, what should I do? I don’t understand where to even start. Thanks!

We get a certificate error when loading your site, because you host your website on www.arshift.com and redirect there from arshift.com, but your certificate only contains arshift.com and not www.arshift.com.

To add a domain name to a certificate, run something like:

certbot run --cert-name arshift.com --expand -d www.arshift.com

Please confirm the certificate name using certbot certificates first; it usually but not always matches the only/first domain listed on your current certificate.

I understand you’re also having problems with issuance. Running that or a renew command will print a bunch of helpful information we can use to figure out what’s going wrong. Please share it with us.


It helped! Thank you very much!

Now I have another problem - https gives me 404 pages, when https works fine. What should I do?

This could be because you have a different configuration between your HTTP and HTTPS virtual hosts, or it could be that you are simply missing a virtual host entry for HTTPS and the default one is showing up instead.

Please share your virtual host configuration files with us if you’re not sure how to fix this.

how can I do it? sorry for noob questions

What web server do you use? Which operating system / Linux distribution does it run on?

Apache on Ubuntu 16.04.02 on digitalocean

The Virtual Host files are typically found in /etc/apache2/sites-available. Please share each one of them with us. If any of them contain an Include statement that drags in another configuration file, please share the referenced file as well.

You might find it easier to use a pastebin that supports multiple files like GitHub Gist rather than pasting directly to the forum.

So you have some possibly conflicting virtual host entries, one of which doesn’t enable .htaccess files or symlinks, two features you may be relying on and could see 404s without.

Your HTTPS also doesn’t redirect away from www to the apex domain like HTTP does. You probably want to do this consistently.

So I would suggest dropping the Ubuntu default SSL file that might be causing the conflict, and setting up a www to not-www redirect for HTTPS like already exists for HTTP.

Like so:

(Please back up your existing configuration beforehand so you don’t have to retrieve it from GitHub later if there’s a problem.)

However, I noticed that https://arshift.com is still showing certificate errors. (Try it in Firefox if it seems to load in Chrome.) If the certbot command I suggested earlier didn’t throw any errors, you may have to sudo service apache2 restart to get your web server to load your certificate.

Otherwise, I would suggest sharing the error you get from certbot and sorting that out first, as the configuration I suggested will make this certificate error more prominent.

Wouldn’t it be easier to just delete everything completely and install again?

It could be, or you could spend several hours doing everything over again only to end up right back where you started. If we’re not sure what the problem is it’s hard to promise it won’t come back again. :wink:

Your certificate issue is my fault, the command I told you earlier reversed your problem instead of fixing it.

certbot run --cert-name arshift.com --expand -d arshift.com -d www.arshift.com

will set it straight. Then you only have the 404 issue, which you ought to be able to resolve by deleting the two bad vhost files and creating the one redirect one as I suggested earlier.

Sorry for my newbie mistake.

1 Like

Oh, thanks a lot! I’ll try it)

Your solution seems to have worked! Now it doesn’t give me 404 without deleting anything, I just put that command in

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.