Deleted Digital Ocean droplets, lost private key

I’ve gone and deleted my Digital Ocean droplets to use a different provider, so I have a new IP address as well. I’ve not got the private key, so I can’t revoke it, and when I attempt to create a new certificate I get the following:

Failed authorization procedure. ci.mydomain.com (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName not found for TLS SNI challenge. Found 'composer.mydomain.uk'

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: ci.mydomain.com
   Type:   unauthorized
   Detail: Correct zName not found for TLS SNI challenge. Found
   'composer.mydomain.uk'

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.

You don’t need to revoke the old certificate (assuming it’s all safely deleted, and no one else has access to it).

The error you are getting is nothing to do with your old certificate and revocation; this is saying that the server didn’t respond with the correct name on the TLS SNI challenge (i.e. when it tried to go to https://yourdomain.com it got a certificate for a different domain).

Can you provide a bit more information? I’m guessing you were trying to get a certificate using standalone mode? If so, did you shut down all other web servers on that IP?

You’re right, I disabled nginx and it worked! Great, thanks a lot.

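The fix that worked in this thread was stopping nginx before the standalone run. As an added example (not part of the original posts and not the ACME client's own code), here is a pre-flight check that reports which challenge ports already have a listener; the function names and the default loopback host are assumptions, so pass the address your web server actually binds to.

```python
import socket

# Ports on which the validation server connects back:
# tls-sni-01 is validated on 443, http-01 on 80.
CHALLENGE_PORTS = {"tls-sni-01": 443, "http-01": 80}


def port_in_use(port, host="127.0.0.1", timeout=1.0):
    """Return True if something accepts TCP connections on host:port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        # connect_ex returns 0 on success instead of raising an exception.
        return s.connect_ex((host, port)) == 0


def preflight(ports=None, host="127.0.0.1"):
    """Return {challenge: port} for each challenge port that is already taken.

    A non-empty result means another server (nginx in this thread) would
    answer the validation request and present its own certificate.
    """
    ports = CHALLENGE_PORTS if ports is None else ports
    return {name: p for name, p in ports.items() if port_in_use(p, host)}


if __name__ == "__main__":
    busy = preflight()
    for name, port in busy.items():
        print(f"port {port} ({name}) already has a listener; "
              "stop it before using standalone mode")
    raise SystemExit(1 if busy else 0)
```
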