Creating new certificate worked, but https isn't accessible


I followed this guide to install new certificate for my website because my certificate was expired.

The installation was a success, but i still get the privacy error, although, the expiration date as changed and is now not expired.

here’s my ssl.conf:
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request’s Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.

DocumentRoot /var/www/html

SSLEngine on

# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/

vim: syntax=apache ts=4 sw=4 sts=4 sr noet

using apache2 with ubuntu 18.04

I’ve looked through this section multiple similar subject, tried to restart apache2 didn’t worked.
If you have suggestion please do,
Thank you!


Hi @ocrean

that’s simple, see your check, ~~40 minutes old -

Your certificate
expires in 90 days - 1 entry

has only the non-www domain name, but you have a redirect to your www version.

So that’s insecure.

Create one certificate with both domain names and use that.



Thank you for your time!

I tried to put a ServerAlias but it didn’t work

When I run the commands from certbot they ask me to choose from a list and is not there, only

How can I make one for both?

Edit: nevermind, it has appeared somehow, or I’m blind, either way, it’s working! Thank you!



apachectl -S

to find your defined and used vHosts.

Easiest solution: One port 80 vHost with non-www and www, then Certbot can use that vHost as template to create the port 443 vHost.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.