Completeley remove everything certbot including certificates and start again

I just tested the latest firefox browser, which does show the www, but the latest chrome browser does not

1 Like

Looks like wordpress is redirecting one of them:

curl -Iki
HTTP/1.1 200 OK
Date: Tue, 12 Jan 2021 17:46:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Link: <>; rel=""
Link: <>; rel="alternate"; type="application/json"
Link: <>; rel=shortlink
Content-Type: text/html; charset=UTF-8

curl -Iki
HTTP/1.1 301 Moved Permanently
Date: Tue, 12 Jan 2021 17:46:58 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8

I can find no problem.
Now to get you two certs.

What says:
certbot --version
certbot certificates


I checked that out, the only setting can find is set to www

1 Like

kes@wordpress:/etc/apache2/sites-enabled$ certbot --version
certbot 1.11.0

kes@wordpress:/etc/apache2/sites-enabled$ certbot certificates
The following error was encountered:
[Errno 13] Permission denied: '/var/log/letsencrypt/.certbot.lock'
Either run as root, or set --config-dir, --work-dir, and --logs-dir to writeable paths.

kes@wordpress:/etc/apache2/sites-enabled$ sudo certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Found the following certs:
Certificate Name:
Serial Number: 4119e05918cf6adf2c2fbcf25a4ea7fa9bf
Key Type: RSA
Expiry Date: 2021-04-11 17:10:04+00:00 (VALID: 88 days)
Certificate Path: /etc/letsencrypt/live/
Private Key Path: /etc/letsencrypt/live/


So far so good.
One cert with both names on it.
Let's see if we can get it installed.

certbot --apache
[and let's walk through the prompts]


If I can later get both non www and www versions of the site in one file at
then will the cert we are about to produce work, or will I need a new one?

sudo certbot --apache

1,2 & enter



I got lots of errors after putting in 1,2.

I'm doing a write up now which is this. I will add to it over this evening and tomorrow morning as I get time, until it is complete. I will post a reply below to say it is complete, when I am finished the write up.

It seems https:// now works with www and without www entered into the browser, at least www shows up in the latest version of the firefox browser when entered. So I presume both now work ok.

I had to make quite a few changes including setting all the keys with the following octal permisions settings

cd /etc/letsencrypt/archive/; stat -c "%a %n" *
640 cert1.pem
640 chain1.pem
640 fullchain1.pem
640 privkey1.pem

The below line is what I used to set the permissions for all files to 640

chmod 640 -R *

I also had to change the file permisions on the below two shown directories

chmod 0755 /etc/letsencrypt/{live,archive}

The trapped loop previously shown here

stopped being shown when I cleared my browser cache and
changed the WordPress site general settings from to httpS://

.. more to follow ..

1 Like

Yes, that's required if you want to test such things. Browsers use too much caching, so it's not really possible to check such things with a browser.

Online tools and command line tools -> no caching, every GET is new.

But checking all these urls with curl etc. is terrible :wink: